@depup/dd-trace 5.90.0-depup.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (929) hide show
  1. package/LICENSE +6 -0
  2. package/LICENSE-3rdparty.csv +102 -0
  3. package/LICENSE.Apache +200 -0
  4. package/LICENSE.BSD3 +29 -0
  5. package/README.md +25 -0
  6. package/changes.json +5 -0
  7. package/ci/cypress/after-run.js +3 -0
  8. package/ci/cypress/after-spec.js +3 -0
  9. package/ci/cypress/plugin.js +13 -0
  10. package/ci/cypress/polyfills.js +25 -0
  11. package/ci/cypress/support.js +3 -0
  12. package/ci/init.js +86 -0
  13. package/esbuild.js +3 -0
  14. package/ext/exporters.d.ts +14 -0
  15. package/ext/exporters.js +13 -0
  16. package/ext/formats.d.ts +11 -0
  17. package/ext/formats.js +9 -0
  18. package/ext/index.d.ts +8 -0
  19. package/ext/index.js +17 -0
  20. package/ext/kinds.d.ts +9 -0
  21. package/ext/kinds.js +9 -0
  22. package/ext/priority.d.ts +8 -0
  23. package/ext/priority.js +8 -0
  24. package/ext/scopes.d.ts +9 -0
  25. package/ext/scopes.js +9 -0
  26. package/ext/tags.d.ts +26 -0
  27. package/ext/tags.js +40 -0
  28. package/ext/types.d.ts +7 -0
  29. package/ext/types.js +7 -0
  30. package/index.d.ts +3811 -0
  31. package/index.js +3 -0
  32. package/init.js +7 -0
  33. package/initialize.mjs +85 -0
  34. package/loader-hook.mjs +77 -0
  35. package/package.json +215 -0
  36. package/packages/datadog-code-origin/index.js +66 -0
  37. package/packages/datadog-core/index.js +5 -0
  38. package/packages/datadog-core/src/storage.js +132 -0
  39. package/packages/datadog-core/src/utils/src/kebabcase.js +14 -0
  40. package/packages/datadog-core/src/utils/src/parse-tags.js +33 -0
  41. package/packages/datadog-core/src/utils/src/pick.js +11 -0
  42. package/packages/datadog-core/src/utils/src/set.js +18 -0
  43. package/packages/datadog-core/src/utils/src/uniq.js +5 -0
  44. package/packages/datadog-esbuild/index.js +403 -0
  45. package/packages/datadog-esbuild/src/log.js +32 -0
  46. package/packages/datadog-esbuild/src/utils.js +218 -0
  47. package/packages/datadog-instrumentations/index.js +5 -0
  48. package/packages/datadog-instrumentations/src/aerospike.js +48 -0
  49. package/packages/datadog-instrumentations/src/ai.js +119 -0
  50. package/packages/datadog-instrumentations/src/amqp10.js +73 -0
  51. package/packages/datadog-instrumentations/src/amqplib.js +146 -0
  52. package/packages/datadog-instrumentations/src/anthropic.js +127 -0
  53. package/packages/datadog-instrumentations/src/apollo-server-core.js +40 -0
  54. package/packages/datadog-instrumentations/src/apollo-server.js +135 -0
  55. package/packages/datadog-instrumentations/src/apollo.js +101 -0
  56. package/packages/datadog-instrumentations/src/avsc.js +39 -0
  57. package/packages/datadog-instrumentations/src/aws-sdk.js +264 -0
  58. package/packages/datadog-instrumentations/src/azure-durable-functions.js +75 -0
  59. package/packages/datadog-instrumentations/src/azure-event-hubs.js +38 -0
  60. package/packages/datadog-instrumentations/src/azure-functions.js +56 -0
  61. package/packages/datadog-instrumentations/src/azure-service-bus.js +71 -0
  62. package/packages/datadog-instrumentations/src/bluebird.js +26 -0
  63. package/packages/datadog-instrumentations/src/body-parser.js +44 -0
  64. package/packages/datadog-instrumentations/src/bullmq.js +11 -0
  65. package/packages/datadog-instrumentations/src/bunyan.js +22 -0
  66. package/packages/datadog-instrumentations/src/cassandra-driver.js +179 -0
  67. package/packages/datadog-instrumentations/src/child_process.js +246 -0
  68. package/packages/datadog-instrumentations/src/confluentinc-kafka-javascript.js +421 -0
  69. package/packages/datadog-instrumentations/src/connect.js +118 -0
  70. package/packages/datadog-instrumentations/src/cookie-parser.js +36 -0
  71. package/packages/datadog-instrumentations/src/cookie.js +21 -0
  72. package/packages/datadog-instrumentations/src/couchbase.js +324 -0
  73. package/packages/datadog-instrumentations/src/crypto.js +33 -0
  74. package/packages/datadog-instrumentations/src/cucumber.js +1096 -0
  75. package/packages/datadog-instrumentations/src/cypress.js +11 -0
  76. package/packages/datadog-instrumentations/src/dd-trace-api.js +7 -0
  77. package/packages/datadog-instrumentations/src/dns.js +98 -0
  78. package/packages/datadog-instrumentations/src/elasticsearch.js +129 -0
  79. package/packages/datadog-instrumentations/src/express-mongo-sanitize.js +45 -0
  80. package/packages/datadog-instrumentations/src/express-session.js +41 -0
  81. package/packages/datadog-instrumentations/src/express.js +253 -0
  82. package/packages/datadog-instrumentations/src/fastify.js +300 -0
  83. package/packages/datadog-instrumentations/src/fetch.js +33 -0
  84. package/packages/datadog-instrumentations/src/find-my-way.js +31 -0
  85. package/packages/datadog-instrumentations/src/fs.js +372 -0
  86. package/packages/datadog-instrumentations/src/generic-pool.js +48 -0
  87. package/packages/datadog-instrumentations/src/google-cloud-pubsub.js +287 -0
  88. package/packages/datadog-instrumentations/src/google-cloud-vertexai.js +101 -0
  89. package/packages/datadog-instrumentations/src/google-genai.js +120 -0
  90. package/packages/datadog-instrumentations/src/graphql.js +382 -0
  91. package/packages/datadog-instrumentations/src/grpc/client.js +258 -0
  92. package/packages/datadog-instrumentations/src/grpc/server.js +154 -0
  93. package/packages/datadog-instrumentations/src/grpc/types.js +10 -0
  94. package/packages/datadog-instrumentations/src/grpc.js +4 -0
  95. package/packages/datadog-instrumentations/src/handlebars.js +40 -0
  96. package/packages/datadog-instrumentations/src/hapi.js +178 -0
  97. package/packages/datadog-instrumentations/src/helpers/bundler-register.js +68 -0
  98. package/packages/datadog-instrumentations/src/helpers/check-require-cache.js +103 -0
  99. package/packages/datadog-instrumentations/src/helpers/extract-package-and-module-path.js +42 -0
  100. package/packages/datadog-instrumentations/src/helpers/fetch.js +26 -0
  101. package/packages/datadog-instrumentations/src/helpers/hook.js +75 -0
  102. package/packages/datadog-instrumentations/src/helpers/hooks.js +151 -0
  103. package/packages/datadog-instrumentations/src/helpers/instrument.js +57 -0
  104. package/packages/datadog-instrumentations/src/helpers/instrumentations.js +8 -0
  105. package/packages/datadog-instrumentations/src/helpers/promise.js +29 -0
  106. package/packages/datadog-instrumentations/src/helpers/register.js +242 -0
  107. package/packages/datadog-instrumentations/src/helpers/rewriter/index.js +70 -0
  108. package/packages/datadog-instrumentations/src/helpers/rewriter/instrumentations/ai.js +103 -0
  109. package/packages/datadog-instrumentations/src/helpers/rewriter/instrumentations/bullmq.js +108 -0
  110. package/packages/datadog-instrumentations/src/helpers/rewriter/instrumentations/index.js +7 -0
  111. package/packages/datadog-instrumentations/src/helpers/rewriter/instrumentations/langchain.js +237 -0
  112. package/packages/datadog-instrumentations/src/helpers/rewriter/loader.js +9 -0
  113. package/packages/datadog-instrumentations/src/helpers/rewriter/loader.mjs +11 -0
  114. package/packages/datadog-instrumentations/src/helpers/rewriter/orchestrion/compiler.js +74 -0
  115. package/packages/datadog-instrumentations/src/helpers/rewriter/orchestrion/index.js +43 -0
  116. package/packages/datadog-instrumentations/src/helpers/rewriter/orchestrion/matcher.js +49 -0
  117. package/packages/datadog-instrumentations/src/helpers/rewriter/orchestrion/transformer.js +121 -0
  118. package/packages/datadog-instrumentations/src/helpers/rewriter/orchestrion/transforms.js +322 -0
  119. package/packages/datadog-instrumentations/src/helpers/router-helper.js +238 -0
  120. package/packages/datadog-instrumentations/src/helpers/shared-utils.js +9 -0
  121. package/packages/datadog-instrumentations/src/hono.js +150 -0
  122. package/packages/datadog-instrumentations/src/http/client.js +315 -0
  123. package/packages/datadog-instrumentations/src/http/server.js +223 -0
  124. package/packages/datadog-instrumentations/src/http.js +4 -0
  125. package/packages/datadog-instrumentations/src/http2/client.js +76 -0
  126. package/packages/datadog-instrumentations/src/http2/server.js +64 -0
  127. package/packages/datadog-instrumentations/src/http2.js +4 -0
  128. package/packages/datadog-instrumentations/src/ioredis.js +57 -0
  129. package/packages/datadog-instrumentations/src/iovalkey.js +47 -0
  130. package/packages/datadog-instrumentations/src/jest.js +1895 -0
  131. package/packages/datadog-instrumentations/src/kafkajs.js +266 -0
  132. package/packages/datadog-instrumentations/src/knex.js +86 -0
  133. package/packages/datadog-instrumentations/src/koa.js +173 -0
  134. package/packages/datadog-instrumentations/src/langchain.js +7 -0
  135. package/packages/datadog-instrumentations/src/ldapjs.js +101 -0
  136. package/packages/datadog-instrumentations/src/light-my-request.js +93 -0
  137. package/packages/datadog-instrumentations/src/limitd-client.js +22 -0
  138. package/packages/datadog-instrumentations/src/lodash.js +30 -0
  139. package/packages/datadog-instrumentations/src/mariadb.js +186 -0
  140. package/packages/datadog-instrumentations/src/memcached.js +45 -0
  141. package/packages/datadog-instrumentations/src/microgateway-core.js +69 -0
  142. package/packages/datadog-instrumentations/src/mocha/common.js +50 -0
  143. package/packages/datadog-instrumentations/src/mocha/main.js +753 -0
  144. package/packages/datadog-instrumentations/src/mocha/utils.js +526 -0
  145. package/packages/datadog-instrumentations/src/mocha/worker.js +104 -0
  146. package/packages/datadog-instrumentations/src/mocha.js +13 -0
  147. package/packages/datadog-instrumentations/src/moleculer/client.js +44 -0
  148. package/packages/datadog-instrumentations/src/moleculer/server.js +58 -0
  149. package/packages/datadog-instrumentations/src/moleculer.js +4 -0
  150. package/packages/datadog-instrumentations/src/mongodb-core.js +213 -0
  151. package/packages/datadog-instrumentations/src/mongodb.js +59 -0
  152. package/packages/datadog-instrumentations/src/mongoose.js +179 -0
  153. package/packages/datadog-instrumentations/src/mquery.js +65 -0
  154. package/packages/datadog-instrumentations/src/multer.js +37 -0
  155. package/packages/datadog-instrumentations/src/mysql.js +105 -0
  156. package/packages/datadog-instrumentations/src/mysql2.js +380 -0
  157. package/packages/datadog-instrumentations/src/net.js +143 -0
  158. package/packages/datadog-instrumentations/src/next.js +320 -0
  159. package/packages/datadog-instrumentations/src/node-serialize.js +22 -0
  160. package/packages/datadog-instrumentations/src/nyc.js +59 -0
  161. package/packages/datadog-instrumentations/src/openai.js +326 -0
  162. package/packages/datadog-instrumentations/src/opensearch.js +11 -0
  163. package/packages/datadog-instrumentations/src/oracledb.js +162 -0
  164. package/packages/datadog-instrumentations/src/orchestrion-config/index.js +86 -0
  165. package/packages/datadog-instrumentations/src/otel-sdk-trace.js +24 -0
  166. package/packages/datadog-instrumentations/src/passport-http.js +10 -0
  167. package/packages/datadog-instrumentations/src/passport-local.js +10 -0
  168. package/packages/datadog-instrumentations/src/passport-utils.js +61 -0
  169. package/packages/datadog-instrumentations/src/passport.js +45 -0
  170. package/packages/datadog-instrumentations/src/pg.js +201 -0
  171. package/packages/datadog-instrumentations/src/pino.js +117 -0
  172. package/packages/datadog-instrumentations/src/playwright.js +1383 -0
  173. package/packages/datadog-instrumentations/src/prisma.js +272 -0
  174. package/packages/datadog-instrumentations/src/process.js +29 -0
  175. package/packages/datadog-instrumentations/src/promise-js.js +15 -0
  176. package/packages/datadog-instrumentations/src/promise.js +14 -0
  177. package/packages/datadog-instrumentations/src/protobufjs.js +128 -0
  178. package/packages/datadog-instrumentations/src/pug.js +23 -0
  179. package/packages/datadog-instrumentations/src/q.js +21 -0
  180. package/packages/datadog-instrumentations/src/redis.js +161 -0
  181. package/packages/datadog-instrumentations/src/restify.js +89 -0
  182. package/packages/datadog-instrumentations/src/rhea.js +237 -0
  183. package/packages/datadog-instrumentations/src/router.js +326 -0
  184. package/packages/datadog-instrumentations/src/selenium.js +80 -0
  185. package/packages/datadog-instrumentations/src/sequelize.js +45 -0
  186. package/packages/datadog-instrumentations/src/sharedb.js +72 -0
  187. package/packages/datadog-instrumentations/src/stripe.js +92 -0
  188. package/packages/datadog-instrumentations/src/tedious.js +63 -0
  189. package/packages/datadog-instrumentations/src/undici.js +29 -0
  190. package/packages/datadog-instrumentations/src/url.js +80 -0
  191. package/packages/datadog-instrumentations/src/vitest.js +1116 -0
  192. package/packages/datadog-instrumentations/src/vm.js +49 -0
  193. package/packages/datadog-instrumentations/src/when.js +14 -0
  194. package/packages/datadog-instrumentations/src/winston.js +78 -0
  195. package/packages/datadog-instrumentations/src/ws.js +264 -0
  196. package/packages/datadog-plugin-aerospike/src/index.js +113 -0
  197. package/packages/datadog-plugin-ai/src/index.js +17 -0
  198. package/packages/datadog-plugin-ai/src/tracing.js +33 -0
  199. package/packages/datadog-plugin-ai/src/utils.js +28 -0
  200. package/packages/datadog-plugin-amqp10/src/consumer.js +34 -0
  201. package/packages/datadog-plugin-amqp10/src/index.js +17 -0
  202. package/packages/datadog-plugin-amqp10/src/producer.js +37 -0
  203. package/packages/datadog-plugin-amqp10/src/util.js +15 -0
  204. package/packages/datadog-plugin-amqplib/src/client.js +44 -0
  205. package/packages/datadog-plugin-amqplib/src/consumer.js +57 -0
  206. package/packages/datadog-plugin-amqplib/src/index.js +20 -0
  207. package/packages/datadog-plugin-amqplib/src/producer.js +63 -0
  208. package/packages/datadog-plugin-amqplib/src/util.js +14 -0
  209. package/packages/datadog-plugin-anthropic/src/index.js +17 -0
  210. package/packages/datadog-plugin-anthropic/src/tracing.js +30 -0
  211. package/packages/datadog-plugin-apollo/src/gateway/execute.js +18 -0
  212. package/packages/datadog-plugin-apollo/src/gateway/fetch.js +39 -0
  213. package/packages/datadog-plugin-apollo/src/gateway/index.js +36 -0
  214. package/packages/datadog-plugin-apollo/src/gateway/plan.js +18 -0
  215. package/packages/datadog-plugin-apollo/src/gateway/postprocessing.js +15 -0
  216. package/packages/datadog-plugin-apollo/src/gateway/request.js +122 -0
  217. package/packages/datadog-plugin-apollo/src/gateway/validate.js +23 -0
  218. package/packages/datadog-plugin-apollo/src/index.js +43 -0
  219. package/packages/datadog-plugin-avsc/src/index.js +11 -0
  220. package/packages/datadog-plugin-avsc/src/schema_iterator.js +176 -0
  221. package/packages/datadog-plugin-aws-sdk/src/base.js +335 -0
  222. package/packages/datadog-plugin-aws-sdk/src/index.js +26 -0
  223. package/packages/datadog-plugin-aws-sdk/src/services/bedrockruntime/index.js +16 -0
  224. package/packages/datadog-plugin-aws-sdk/src/services/bedrockruntime/tracing.js +31 -0
  225. package/packages/datadog-plugin-aws-sdk/src/services/bedrockruntime/utils.js +487 -0
  226. package/packages/datadog-plugin-aws-sdk/src/services/cloudwatchlogs.js +19 -0
  227. package/packages/datadog-plugin-aws-sdk/src/services/default.js +7 -0
  228. package/packages/datadog-plugin-aws-sdk/src/services/dynamodb.js +197 -0
  229. package/packages/datadog-plugin-aws-sdk/src/services/eventbridge.js +53 -0
  230. package/packages/datadog-plugin-aws-sdk/src/services/index.js +16 -0
  231. package/packages/datadog-plugin-aws-sdk/src/services/kinesis.js +214 -0
  232. package/packages/datadog-plugin-aws-sdk/src/services/lambda.js +67 -0
  233. package/packages/datadog-plugin-aws-sdk/src/services/redshift.js +19 -0
  234. package/packages/datadog-plugin-aws-sdk/src/services/s3.js +55 -0
  235. package/packages/datadog-plugin-aws-sdk/src/services/sfn.js +7 -0
  236. package/packages/datadog-plugin-aws-sdk/src/services/sns.js +125 -0
  237. package/packages/datadog-plugin-aws-sdk/src/services/sqs.js +298 -0
  238. package/packages/datadog-plugin-aws-sdk/src/services/states.js +7 -0
  239. package/packages/datadog-plugin-aws-sdk/src/services/stepfunctions.js +64 -0
  240. package/packages/datadog-plugin-aws-sdk/src/util.js +151 -0
  241. package/packages/datadog-plugin-azure-durable-functions/src/index.js +49 -0
  242. package/packages/datadog-plugin-azure-event-hubs/src/index.js +15 -0
  243. package/packages/datadog-plugin-azure-event-hubs/src/producer.js +96 -0
  244. package/packages/datadog-plugin-azure-functions/src/index.js +171 -0
  245. package/packages/datadog-plugin-azure-service-bus/src/index.js +15 -0
  246. package/packages/datadog-plugin-azure-service-bus/src/producer.js +97 -0
  247. package/packages/datadog-plugin-bullmq/src/consumer.js +82 -0
  248. package/packages/datadog-plugin-bullmq/src/index.js +18 -0
  249. package/packages/datadog-plugin-bullmq/src/producer.js +207 -0
  250. package/packages/datadog-plugin-bunyan/src/index.js +8 -0
  251. package/packages/datadog-plugin-cassandra-driver/src/index.js +47 -0
  252. package/packages/datadog-plugin-child_process/src/index.js +111 -0
  253. package/packages/datadog-plugin-child_process/src/scrub-cmd-params.js +127 -0
  254. package/packages/datadog-plugin-confluentinc-kafka-javascript/src/batch-consumer.js +9 -0
  255. package/packages/datadog-plugin-confluentinc-kafka-javascript/src/consumer.js +9 -0
  256. package/packages/datadog-plugin-confluentinc-kafka-javascript/src/index.js +25 -0
  257. package/packages/datadog-plugin-confluentinc-kafka-javascript/src/producer.js +9 -0
  258. package/packages/datadog-plugin-connect/src/index.js +17 -0
  259. package/packages/datadog-plugin-couchbase/src/index.js +94 -0
  260. package/packages/datadog-plugin-cucumber/src/index.js +461 -0
  261. package/packages/datadog-plugin-cypress/src/after-run.js +5 -0
  262. package/packages/datadog-plugin-cypress/src/after-spec.js +5 -0
  263. package/packages/datadog-plugin-cypress/src/cypress-plugin.js +1089 -0
  264. package/packages/datadog-plugin-cypress/src/index.js +11 -0
  265. package/packages/datadog-plugin-cypress/src/plugin.js +57 -0
  266. package/packages/datadog-plugin-cypress/src/source-map-utils.js +297 -0
  267. package/packages/datadog-plugin-cypress/src/support.js +303 -0
  268. package/packages/datadog-plugin-dd-trace-api/src/index.js +117 -0
  269. package/packages/datadog-plugin-dns/src/index.js +23 -0
  270. package/packages/datadog-plugin-dns/src/lookup.js +45 -0
  271. package/packages/datadog-plugin-dns/src/lookup_service.js +28 -0
  272. package/packages/datadog-plugin-dns/src/resolve.js +27 -0
  273. package/packages/datadog-plugin-dns/src/reverse.js +25 -0
  274. package/packages/datadog-plugin-elasticsearch/src/index.js +49 -0
  275. package/packages/datadog-plugin-express/src/code_origin.js +47 -0
  276. package/packages/datadog-plugin-express/src/index.js +17 -0
  277. package/packages/datadog-plugin-express/src/tracing.js +17 -0
  278. package/packages/datadog-plugin-fastify/src/code_origin.js +41 -0
  279. package/packages/datadog-plugin-fastify/src/index.js +17 -0
  280. package/packages/datadog-plugin-fastify/src/tracing.js +34 -0
  281. package/packages/datadog-plugin-fetch/src/index.js +40 -0
  282. package/packages/datadog-plugin-find-my-way/src/index.js +18 -0
  283. package/packages/datadog-plugin-fs/src/index.js +52 -0
  284. package/packages/datadog-plugin-google-cloud-pubsub/src/client.js +39 -0
  285. package/packages/datadog-plugin-google-cloud-pubsub/src/consumer.js +212 -0
  286. package/packages/datadog-plugin-google-cloud-pubsub/src/index.js +19 -0
  287. package/packages/datadog-plugin-google-cloud-pubsub/src/producer.js +191 -0
  288. package/packages/datadog-plugin-google-cloud-pubsub/src/pubsub-push-subscription.js +217 -0
  289. package/packages/datadog-plugin-google-cloud-vertexai/src/index.js +17 -0
  290. package/packages/datadog-plugin-google-cloud-vertexai/src/tracing.js +49 -0
  291. package/packages/datadog-plugin-google-cloud-vertexai/src/utils.js +21 -0
  292. package/packages/datadog-plugin-google-genai/src/index.js +17 -0
  293. package/packages/datadog-plugin-google-genai/src/tracing.js +41 -0
  294. package/packages/datadog-plugin-graphql/src/execute.js +88 -0
  295. package/packages/datadog-plugin-graphql/src/index.js +72 -0
  296. package/packages/datadog-plugin-graphql/src/parse.js +35 -0
  297. package/packages/datadog-plugin-graphql/src/resolve.js +191 -0
  298. package/packages/datadog-plugin-graphql/src/tools/index.js +6 -0
  299. package/packages/datadog-plugin-graphql/src/tools/signature.js +9 -0
  300. package/packages/datadog-plugin-graphql/src/tools/transforms.js +108 -0
  301. package/packages/datadog-plugin-graphql/src/utils.js +49 -0
  302. package/packages/datadog-plugin-graphql/src/validate.js +40 -0
  303. package/packages/datadog-plugin-grpc/src/client.js +129 -0
  304. package/packages/datadog-plugin-grpc/src/index.js +17 -0
  305. package/packages/datadog-plugin-grpc/src/server.js +112 -0
  306. package/packages/datadog-plugin-grpc/src/util.js +66 -0
  307. package/packages/datadog-plugin-hapi/src/index.js +39 -0
  308. package/packages/datadog-plugin-hono/src/index.js +26 -0
  309. package/packages/datadog-plugin-http/src/client.js +244 -0
  310. package/packages/datadog-plugin-http/src/index.js +37 -0
  311. package/packages/datadog-plugin-http/src/server.js +92 -0
  312. package/packages/datadog-plugin-http2/src/client.js +217 -0
  313. package/packages/datadog-plugin-http2/src/index.js +17 -0
  314. package/packages/datadog-plugin-http2/src/server.js +73 -0
  315. package/packages/datadog-plugin-ioredis/src/index.js +9 -0
  316. package/packages/datadog-plugin-iovalkey/src/index.js +16 -0
  317. package/packages/datadog-plugin-jest/src/index.js +558 -0
  318. package/packages/datadog-plugin-jest/src/util.js +176 -0
  319. package/packages/datadog-plugin-kafkajs/src/batch-consumer.js +28 -0
  320. package/packages/datadog-plugin-kafkajs/src/consumer.js +128 -0
  321. package/packages/datadog-plugin-kafkajs/src/index.js +19 -0
  322. package/packages/datadog-plugin-kafkajs/src/producer.js +129 -0
  323. package/packages/datadog-plugin-kafkajs/src/utils.js +27 -0
  324. package/packages/datadog-plugin-koa/src/index.js +22 -0
  325. package/packages/datadog-plugin-langchain/src/handlers/default.js +11 -0
  326. package/packages/datadog-plugin-langchain/src/handlers/embedding.js +18 -0
  327. package/packages/datadog-plugin-langchain/src/handlers/language_models.js +18 -0
  328. package/packages/datadog-plugin-langchain/src/index.js +26 -0
  329. package/packages/datadog-plugin-langchain/src/tokens.js +35 -0
  330. package/packages/datadog-plugin-langchain/src/tracing.js +155 -0
  331. package/packages/datadog-plugin-mariadb/src/index.js +21 -0
  332. package/packages/datadog-plugin-memcached/src/index.js +54 -0
  333. package/packages/datadog-plugin-microgateway-core/src/index.js +26 -0
  334. package/packages/datadog-plugin-mocha/src/index.js +480 -0
  335. package/packages/datadog-plugin-moleculer/src/client.js +42 -0
  336. package/packages/datadog-plugin-moleculer/src/index.js +19 -0
  337. package/packages/datadog-plugin-moleculer/src/server.js +30 -0
  338. package/packages/datadog-plugin-moleculer/src/util.js +21 -0
  339. package/packages/datadog-plugin-mongodb-core/src/index.js +215 -0
  340. package/packages/datadog-plugin-mongoose/src/index.js +20 -0
  341. package/packages/datadog-plugin-mysql/src/index.js +42 -0
  342. package/packages/datadog-plugin-mysql2/src/index.js +25 -0
  343. package/packages/datadog-plugin-net/src/index.js +23 -0
  344. package/packages/datadog-plugin-net/src/ipc.js +23 -0
  345. package/packages/datadog-plugin-net/src/tcp.js +53 -0
  346. package/packages/datadog-plugin-next/src/index.js +155 -0
  347. package/packages/datadog-plugin-nyc/src/index.js +95 -0
  348. package/packages/datadog-plugin-openai/src/index.js +17 -0
  349. package/packages/datadog-plugin-openai/src/services.js +48 -0
  350. package/packages/datadog-plugin-openai/src/stream-helpers.js +159 -0
  351. package/packages/datadog-plugin-openai/src/token-estimator.js +20 -0
  352. package/packages/datadog-plugin-openai/src/tracing.js +723 -0
  353. package/packages/datadog-plugin-opensearch/src/index.js +9 -0
  354. package/packages/datadog-plugin-oracledb/src/connection-parser.js +37 -0
  355. package/packages/datadog-plugin-oracledb/src/index.js +44 -0
  356. package/packages/datadog-plugin-pg/src/index.js +41 -0
  357. package/packages/datadog-plugin-pino/src/index.js +9 -0
  358. package/packages/datadog-plugin-playwright/src/index.js +497 -0
  359. package/packages/datadog-plugin-prisma/src/datadog-tracing-helper.js +118 -0
  360. package/packages/datadog-plugin-prisma/src/index.js +144 -0
  361. package/packages/datadog-plugin-protobufjs/src/index.js +12 -0
  362. package/packages/datadog-plugin-protobufjs/src/schema_iterator.js +181 -0
  363. package/packages/datadog-plugin-redis/src/index.js +95 -0
  364. package/packages/datadog-plugin-restify/src/index.js +29 -0
  365. package/packages/datadog-plugin-rhea/src/consumer.js +68 -0
  366. package/packages/datadog-plugin-rhea/src/index.js +17 -0
  367. package/packages/datadog-plugin-rhea/src/producer.js +54 -0
  368. package/packages/datadog-plugin-router/src/index.js +170 -0
  369. package/packages/datadog-plugin-selenium/src/index.js +66 -0
  370. package/packages/datadog-plugin-sharedb/src/index.js +68 -0
  371. package/packages/datadog-plugin-tedious/src/index.js +36 -0
  372. package/packages/datadog-plugin-undici/src/index.js +313 -0
  373. package/packages/datadog-plugin-vitest/src/index.js +444 -0
  374. package/packages/datadog-plugin-web/src/index.js +18 -0
  375. package/packages/datadog-plugin-winston/src/index.js +8 -0
  376. package/packages/datadog-plugin-ws/src/close.js +121 -0
  377. package/packages/datadog-plugin-ws/src/index.js +30 -0
  378. package/packages/datadog-plugin-ws/src/producer.js +99 -0
  379. package/packages/datadog-plugin-ws/src/receiver.js +110 -0
  380. package/packages/datadog-plugin-ws/src/server.js +106 -0
  381. package/packages/datadog-plugin-ws/src/util.js +139 -0
  382. package/packages/datadog-shimmer/index.js +3 -0
  383. package/packages/datadog-shimmer/src/shimmer.js +279 -0
  384. package/packages/dd-trace/index.js +36 -0
  385. package/packages/dd-trace/src/agent/info.js +57 -0
  386. package/packages/dd-trace/src/agent/url.js +28 -0
  387. package/packages/dd-trace/src/aiguard/client.js +25 -0
  388. package/packages/dd-trace/src/aiguard/noop.js +9 -0
  389. package/packages/dd-trace/src/aiguard/sdk.js +223 -0
  390. package/packages/dd-trace/src/aiguard/tags.js +14 -0
  391. package/packages/dd-trace/src/analytics_sampler.js +15 -0
  392. package/packages/dd-trace/src/appsec/activation.js +29 -0
  393. package/packages/dd-trace/src/appsec/addresses.js +51 -0
  394. package/packages/dd-trace/src/appsec/api_security_sampler.js +117 -0
  395. package/packages/dd-trace/src/appsec/blocked_templates.js +14 -0
  396. package/packages/dd-trace/src/appsec/blocking.js +196 -0
  397. package/packages/dd-trace/src/appsec/channels.js +50 -0
  398. package/packages/dd-trace/src/appsec/downstream_requests.js +302 -0
  399. package/packages/dd-trace/src/appsec/graphql.js +166 -0
  400. package/packages/dd-trace/src/appsec/iast/analyzers/analyzers.js +24 -0
  401. package/packages/dd-trace/src/appsec/iast/analyzers/code-injection-analyzer.js +36 -0
  402. package/packages/dd-trace/src/appsec/iast/analyzers/command-injection-analyzer.js +15 -0
  403. package/packages/dd-trace/src/appsec/iast/analyzers/cookie-analyzer.js +62 -0
  404. package/packages/dd-trace/src/appsec/iast/analyzers/hardcoded-base-analyzer.js +72 -0
  405. package/packages/dd-trace/src/appsec/iast/analyzers/hardcoded-password-analyzer.js +18 -0
  406. package/packages/dd-trace/src/appsec/iast/analyzers/hardcoded-password-rules.js +11 -0
  407. package/packages/dd-trace/src/appsec/iast/analyzers/hardcoded-rule-type.js +6 -0
  408. package/packages/dd-trace/src/appsec/iast/analyzers/hardcoded-secret-analyzer.js +15 -0
  409. package/packages/dd-trace/src/appsec/iast/analyzers/hardcoded-secret-rules.js +741 -0
  410. package/packages/dd-trace/src/appsec/iast/analyzers/hsts-header-missing-analyzer.js +44 -0
  411. package/packages/dd-trace/src/appsec/iast/analyzers/index.js +23 -0
  412. package/packages/dd-trace/src/appsec/iast/analyzers/injection-analyzer.js +42 -0
  413. package/packages/dd-trace/src/appsec/iast/analyzers/insecure-cookie-analyzer.js +12 -0
  414. package/packages/dd-trace/src/appsec/iast/analyzers/ldap-injection-analyzer.js +22 -0
  415. package/packages/dd-trace/src/appsec/iast/analyzers/missing-header-analyzer.js +82 -0
  416. package/packages/dd-trace/src/appsec/iast/analyzers/no-httponly-cookie-analyzer.js +12 -0
  417. package/packages/dd-trace/src/appsec/iast/analyzers/no-samesite-cookie-analyzer.js +12 -0
  418. package/packages/dd-trace/src/appsec/iast/analyzers/nosql-injection-mongodb-analyzer.js +192 -0
  419. package/packages/dd-trace/src/appsec/iast/analyzers/path-traversal-analyzer.js +108 -0
  420. package/packages/dd-trace/src/appsec/iast/analyzers/set-cookies-header-interceptor.js +58 -0
  421. package/packages/dd-trace/src/appsec/iast/analyzers/sql-injection-analyzer.js +102 -0
  422. package/packages/dd-trace/src/appsec/iast/analyzers/ssrf-analyzer.js +37 -0
  423. package/packages/dd-trace/src/appsec/iast/analyzers/stored-injection-analyzer.js +11 -0
  424. package/packages/dd-trace/src/appsec/iast/analyzers/template-injection-analyzer.js +18 -0
  425. package/packages/dd-trace/src/appsec/iast/analyzers/untrusted-deserialization-analyzer.js +16 -0
  426. package/packages/dd-trace/src/appsec/iast/analyzers/unvalidated-redirect-analyzer.js +64 -0
  427. package/packages/dd-trace/src/appsec/iast/analyzers/vulnerability-analyzer.js +181 -0
  428. package/packages/dd-trace/src/appsec/iast/analyzers/weak-cipher-analyzer.js +31 -0
  429. package/packages/dd-trace/src/appsec/iast/analyzers/weak-hash-analyzer.js +64 -0
  430. package/packages/dd-trace/src/appsec/iast/analyzers/weak-randomness-analyzer.js +19 -0
  431. package/packages/dd-trace/src/appsec/iast/analyzers/xcontenttype-header-missing-analyzer.js +19 -0
  432. package/packages/dd-trace/src/appsec/iast/context/context-plugin.js +89 -0
  433. package/packages/dd-trace/src/appsec/iast/context/kafka-ctx-plugin.js +14 -0
  434. package/packages/dd-trace/src/appsec/iast/iast-context.js +75 -0
  435. package/packages/dd-trace/src/appsec/iast/iast-plugin.js +230 -0
  436. package/packages/dd-trace/src/appsec/iast/index.js +126 -0
  437. package/packages/dd-trace/src/appsec/iast/overhead-controller.js +209 -0
  438. package/packages/dd-trace/src/appsec/iast/path-line.js +116 -0
  439. package/packages/dd-trace/src/appsec/iast/security-controls/index.js +179 -0
  440. package/packages/dd-trace/src/appsec/iast/security-controls/parser.js +128 -0
  441. package/packages/dd-trace/src/appsec/iast/tags.js +7 -0
  442. package/packages/dd-trace/src/appsec/iast/taint-tracking/constants.js +6 -0
  443. package/packages/dd-trace/src/appsec/iast/taint-tracking/csi-methods.js +24 -0
  444. package/packages/dd-trace/src/appsec/iast/taint-tracking/filter.js +16 -0
  445. package/packages/dd-trace/src/appsec/iast/taint-tracking/index.js +36 -0
  446. package/packages/dd-trace/src/appsec/iast/taint-tracking/operations-taint-object.js +88 -0
  447. package/packages/dd-trace/src/appsec/iast/taint-tracking/operations.js +108 -0
  448. package/packages/dd-trace/src/appsec/iast/taint-tracking/plugin.js +293 -0
  449. package/packages/dd-trace/src/appsec/iast/taint-tracking/plugins/kafka.js +46 -0
  450. package/packages/dd-trace/src/appsec/iast/taint-tracking/rewriter-esm.mjs +76 -0
  451. package/packages/dd-trace/src/appsec/iast/taint-tracking/rewriter-telemetry.js +13 -0
  452. package/packages/dd-trace/src/appsec/iast/taint-tracking/rewriter.js +266 -0
  453. package/packages/dd-trace/src/appsec/iast/taint-tracking/secure-marks-generator.js +13 -0
  454. package/packages/dd-trace/src/appsec/iast/taint-tracking/secure-marks.js +30 -0
  455. package/packages/dd-trace/src/appsec/iast/taint-tracking/source-types.js +15 -0
  456. package/packages/dd-trace/src/appsec/iast/taint-tracking/taint-tracking-impl.js +258 -0
  457. package/packages/dd-trace/src/appsec/iast/telemetry/iast-metric.js +113 -0
  458. package/packages/dd-trace/src/appsec/iast/telemetry/index.js +41 -0
  459. package/packages/dd-trace/src/appsec/iast/telemetry/namespaces.js +112 -0
  460. package/packages/dd-trace/src/appsec/iast/telemetry/span-tags.js +54 -0
  461. package/packages/dd-trace/src/appsec/iast/telemetry/verbosity.js +41 -0
  462. package/packages/dd-trace/src/appsec/iast/utils.js +24 -0
  463. package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/constants.js +7 -0
  464. package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/evidence-redaction/range-utils.js +36 -0
  465. package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/evidence-redaction/sensitive-analyzers/command-sensitive-analyzer.js +22 -0
  466. package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/evidence-redaction/sensitive-analyzers/hardcoded-password-analyzer.js +13 -0
  467. package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/evidence-redaction/sensitive-analyzers/json-sensitive-analyzer.js +12 -0
  468. package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/evidence-redaction/sensitive-analyzers/ldap-sensitive-analyzer.js +28 -0
  469. package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/evidence-redaction/sensitive-analyzers/sql-sensitive-analyzer.js +112 -0
  470. package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/evidence-redaction/sensitive-analyzers/tainted-range-based-sensitive-analyzer.js +25 -0
  471. package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/evidence-redaction/sensitive-analyzers/url-sensitive-analyzer.js +40 -0
  472. package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/evidence-redaction/sensitive-handler.js +294 -0
  473. package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/index.js +126 -0
  474. package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/utils.js +168 -0
  475. package/packages/dd-trace/src/appsec/iast/vulnerabilities.js +24 -0
  476. package/packages/dd-trace/src/appsec/iast/vulnerability-reporter.js +169 -0
  477. package/packages/dd-trace/src/appsec/index.js +560 -0
  478. package/packages/dd-trace/src/appsec/rasp/command_injection.js +56 -0
  479. package/packages/dd-trace/src/appsec/rasp/fs-plugin.js +103 -0
  480. package/packages/dd-trace/src/appsec/rasp/index.js +140 -0
  481. package/packages/dd-trace/src/appsec/rasp/lfi.js +129 -0
  482. package/packages/dd-trace/src/appsec/rasp/sql_injection.js +108 -0
  483. package/packages/dd-trace/src/appsec/rasp/ssrf.js +102 -0
  484. package/packages/dd-trace/src/appsec/rasp/utils.js +85 -0
  485. package/packages/dd-trace/src/appsec/rc-products.js +10 -0
  486. package/packages/dd-trace/src/appsec/recommended.json +10731 -0
  487. package/packages/dd-trace/src/appsec/remote_config.js +177 -0
  488. package/packages/dd-trace/src/appsec/reporter.js +599 -0
  489. package/packages/dd-trace/src/appsec/rule_manager.js +168 -0
  490. package/packages/dd-trace/src/appsec/sdk/index.js +63 -0
  491. package/packages/dd-trace/src/appsec/sdk/noop.js +27 -0
  492. package/packages/dd-trace/src/appsec/sdk/set_user.js +44 -0
  493. package/packages/dd-trace/src/appsec/sdk/track_event.js +230 -0
  494. package/packages/dd-trace/src/appsec/sdk/user_blocking.js +60 -0
  495. package/packages/dd-trace/src/appsec/sdk/utils.js +29 -0
  496. package/packages/dd-trace/src/appsec/stack_trace.js +117 -0
  497. package/packages/dd-trace/src/appsec/telemetry/common.js +28 -0
  498. package/packages/dd-trace/src/appsec/telemetry/index.js +184 -0
  499. package/packages/dd-trace/src/appsec/telemetry/rasp.js +103 -0
  500. package/packages/dd-trace/src/appsec/telemetry/user.js +32 -0
  501. package/packages/dd-trace/src/appsec/telemetry/waf.js +143 -0
  502. package/packages/dd-trace/src/appsec/user_tracking.js +190 -0
  503. package/packages/dd-trace/src/appsec/waf/diagnostics.js +15 -0
  504. package/packages/dd-trace/src/appsec/waf/index.js +149 -0
  505. package/packages/dd-trace/src/appsec/waf/waf_context_wrapper.js +188 -0
  506. package/packages/dd-trace/src/appsec/waf/waf_manager.js +98 -0
  507. package/packages/dd-trace/src/azure_metadata.js +137 -0
  508. package/packages/dd-trace/src/baggage.js +72 -0
  509. package/packages/dd-trace/src/ci-visibility/coverage-report-discovery.js +82 -0
  510. package/packages/dd-trace/src/ci-visibility/dynamic-instrumentation/index.js +159 -0
  511. package/packages/dd-trace/src/ci-visibility/dynamic-instrumentation/worker/index.js +156 -0
  512. package/packages/dd-trace/src/ci-visibility/early-flake-detection/get-known-tests.js +111 -0
  513. package/packages/dd-trace/src/ci-visibility/encode/json-encoder.js +27 -0
  514. package/packages/dd-trace/src/ci-visibility/exporters/agent-proxy/index.js +104 -0
  515. package/packages/dd-trace/src/ci-visibility/exporters/agentless/coverage-writer.js +78 -0
  516. package/packages/dd-trace/src/ci-visibility/exporters/agentless/di-logs-writer.js +56 -0
  517. package/packages/dd-trace/src/ci-visibility/exporters/agentless/index.js +52 -0
  518. package/packages/dd-trace/src/ci-visibility/exporters/agentless/writer.js +83 -0
  519. package/packages/dd-trace/src/ci-visibility/exporters/ci-visibility-exporter.js +420 -0
  520. package/packages/dd-trace/src/ci-visibility/exporters/git/git_metadata.js +317 -0
  521. package/packages/dd-trace/src/ci-visibility/exporters/test-worker/index.js +114 -0
  522. package/packages/dd-trace/src/ci-visibility/exporters/test-worker/writer.js +76 -0
  523. package/packages/dd-trace/src/ci-visibility/intelligent-test-runner/get-skippable-suites.js +120 -0
  524. package/packages/dd-trace/src/ci-visibility/log-submission/log-submission-plugin.js +54 -0
  525. package/packages/dd-trace/src/ci-visibility/requests/get-library-configuration.js +156 -0
  526. package/packages/dd-trace/src/ci-visibility/requests/request.js +236 -0
  527. package/packages/dd-trace/src/ci-visibility/requests/upload-coverage-report.js +107 -0
  528. package/packages/dd-trace/src/ci-visibility/telemetry.js +204 -0
  529. package/packages/dd-trace/src/ci-visibility/test-api-manual/test-api-manual-plugin.js +63 -0
  530. package/packages/dd-trace/src/ci-visibility/test-management/get-test-management-tests.js +121 -0
  531. package/packages/dd-trace/src/ci-visibility/test-optimization-cache.js +61 -0
  532. package/packages/dd-trace/src/config/defaults.js +174 -0
  533. package/packages/dd-trace/src/config/git_properties.js +120 -0
  534. package/packages/dd-trace/src/config/helper.js +214 -0
  535. package/packages/dd-trace/src/config/index.js +1676 -0
  536. package/packages/dd-trace/src/config/remote_config.js +203 -0
  537. package/packages/dd-trace/src/config/stable.js +93 -0
  538. package/packages/dd-trace/src/config/supported-configurations.json +4136 -0
  539. package/packages/dd-trace/src/constants.js +61 -0
  540. package/packages/dd-trace/src/crashtracking/crashtracker.js +120 -0
  541. package/packages/dd-trace/src/crashtracking/index.js +15 -0
  542. package/packages/dd-trace/src/crashtracking/noop.js +11 -0
  543. package/packages/dd-trace/src/datastreams/checkpointer.js +80 -0
  544. package/packages/dd-trace/src/datastreams/context.js +20 -0
  545. package/packages/dd-trace/src/datastreams/encoding.js +99 -0
  546. package/packages/dd-trace/src/datastreams/fnv.js +25 -0
  547. package/packages/dd-trace/src/datastreams/index.js +129 -0
  548. package/packages/dd-trace/src/datastreams/manager.js +36 -0
  549. package/packages/dd-trace/src/datastreams/pathway.js +187 -0
  550. package/packages/dd-trace/src/datastreams/processor.js +494 -0
  551. package/packages/dd-trace/src/datastreams/schemas/schema.js +10 -0
  552. package/packages/dd-trace/src/datastreams/schemas/schema_builder.js +140 -0
  553. package/packages/dd-trace/src/datastreams/schemas/schema_sampler.js +27 -0
  554. package/packages/dd-trace/src/datastreams/size.js +53 -0
  555. package/packages/dd-trace/src/datastreams/writer.js +70 -0
  556. package/packages/dd-trace/src/debugger/config.js +18 -0
  557. package/packages/dd-trace/src/debugger/constants.js +7 -0
  558. package/packages/dd-trace/src/debugger/devtools_client/breakpoints.js +320 -0
  559. package/packages/dd-trace/src/debugger/devtools_client/condition.js +294 -0
  560. package/packages/dd-trace/src/debugger/devtools_client/config.js +23 -0
  561. package/packages/dd-trace/src/debugger/devtools_client/defaults.js +7 -0
  562. package/packages/dd-trace/src/debugger/devtools_client/index.js +336 -0
  563. package/packages/dd-trace/src/debugger/devtools_client/inspector_promises_polyfill.js +27 -0
  564. package/packages/dd-trace/src/debugger/devtools_client/json-buffer.js +41 -0
  565. package/packages/dd-trace/src/debugger/devtools_client/log.js +30 -0
  566. package/packages/dd-trace/src/debugger/devtools_client/remote_config.js +106 -0
  567. package/packages/dd-trace/src/debugger/devtools_client/send.js +138 -0
  568. package/packages/dd-trace/src/debugger/devtools_client/session.js +17 -0
  569. package/packages/dd-trace/src/debugger/devtools_client/snapshot/collector.js +336 -0
  570. package/packages/dd-trace/src/debugger/devtools_client/snapshot/constants.js +25 -0
  571. package/packages/dd-trace/src/debugger/devtools_client/snapshot/index.js +215 -0
  572. package/packages/dd-trace/src/debugger/devtools_client/snapshot/processor.js +349 -0
  573. package/packages/dd-trace/src/debugger/devtools_client/snapshot/redaction.js +112 -0
  574. package/packages/dd-trace/src/debugger/devtools_client/snapshot/symbols.js +8 -0
  575. package/packages/dd-trace/src/debugger/devtools_client/snapshot-pruner.js +404 -0
  576. package/packages/dd-trace/src/debugger/devtools_client/source-maps.js +72 -0
  577. package/packages/dd-trace/src/debugger/devtools_client/state.js +238 -0
  578. package/packages/dd-trace/src/debugger/devtools_client/status.js +123 -0
  579. package/packages/dd-trace/src/debugger/index.js +259 -0
  580. package/packages/dd-trace/src/dogstatsd.js +412 -0
  581. package/packages/dd-trace/src/encode/0.4.js +425 -0
  582. package/packages/dd-trace/src/encode/0.5.js +77 -0
  583. package/packages/dd-trace/src/encode/agentless-ci-visibility.js +361 -0
  584. package/packages/dd-trace/src/encode/agentless-json.js +200 -0
  585. package/packages/dd-trace/src/encode/coverage-ci-visibility.js +131 -0
  586. package/packages/dd-trace/src/encode/span-stats.js +136 -0
  587. package/packages/dd-trace/src/encode/tags-processors.js +91 -0
  588. package/packages/dd-trace/src/exporter.js +32 -0
  589. package/packages/dd-trace/src/exporters/agent/index.js +65 -0
  590. package/packages/dd-trace/src/exporters/agent/writer.js +110 -0
  591. package/packages/dd-trace/src/exporters/agentless/index.js +132 -0
  592. package/packages/dd-trace/src/exporters/agentless/writer.js +201 -0
  593. package/packages/dd-trace/src/exporters/common/agents.js +42 -0
  594. package/packages/dd-trace/src/exporters/common/buffering-exporter.js +62 -0
  595. package/packages/dd-trace/src/exporters/common/docker.js +52 -0
  596. package/packages/dd-trace/src/exporters/common/form-data.js +59 -0
  597. package/packages/dd-trace/src/exporters/common/request.js +190 -0
  598. package/packages/dd-trace/src/exporters/common/url-to-http-options-polyfill.js +31 -0
  599. package/packages/dd-trace/src/exporters/common/util.js +13 -0
  600. package/packages/dd-trace/src/exporters/common/writer.js +49 -0
  601. package/packages/dd-trace/src/exporters/log/index.js +52 -0
  602. package/packages/dd-trace/src/exporters/span-stats/index.js +20 -0
  603. package/packages/dd-trace/src/exporters/span-stats/writer.js +54 -0
  604. package/packages/dd-trace/src/external-logger/src/index.js +139 -0
  605. package/packages/dd-trace/src/flare/file.js +40 -0
  606. package/packages/dd-trace/src/flare/index.js +101 -0
  607. package/packages/dd-trace/src/git_metadata_tagger.js +19 -0
  608. package/packages/dd-trace/src/guardrails/index.js +76 -0
  609. package/packages/dd-trace/src/guardrails/log.js +32 -0
  610. package/packages/dd-trace/src/guardrails/telemetry.js +92 -0
  611. package/packages/dd-trace/src/guardrails/util.js +8 -0
  612. package/packages/dd-trace/src/heap_snapshots.js +58 -0
  613. package/packages/dd-trace/src/histogram.js +35 -0
  614. package/packages/dd-trace/src/id.js +247 -0
  615. package/packages/dd-trace/src/iitm.js +15 -0
  616. package/packages/dd-trace/src/index.js +15 -0
  617. package/packages/dd-trace/src/lambda/context.js +27 -0
  618. package/packages/dd-trace/src/lambda/handler.js +87 -0
  619. package/packages/dd-trace/src/lambda/index.js +17 -0
  620. package/packages/dd-trace/src/lambda/runtime/errors.js +20 -0
  621. package/packages/dd-trace/src/lambda/runtime/patch.js +77 -0
  622. package/packages/dd-trace/src/lambda/runtime/ritm.js +133 -0
  623. package/packages/dd-trace/src/llmobs/constants/tags.js +55 -0
  624. package/packages/dd-trace/src/llmobs/constants/text.js +6 -0
  625. package/packages/dd-trace/src/llmobs/constants/writers.js +17 -0
  626. package/packages/dd-trace/src/llmobs/index.js +149 -0
  627. package/packages/dd-trace/src/llmobs/noop.js +88 -0
  628. package/packages/dd-trace/src/llmobs/plugins/ai/index.js +399 -0
  629. package/packages/dd-trace/src/llmobs/plugins/ai/util.js +218 -0
  630. package/packages/dd-trace/src/llmobs/plugins/anthropic.js +288 -0
  631. package/packages/dd-trace/src/llmobs/plugins/base.js +96 -0
  632. package/packages/dd-trace/src/llmobs/plugins/bedrockruntime.js +137 -0
  633. package/packages/dd-trace/src/llmobs/plugins/genai/index.js +104 -0
  634. package/packages/dd-trace/src/llmobs/plugins/genai/util.js +486 -0
  635. package/packages/dd-trace/src/llmobs/plugins/langchain/handlers/chain.js +20 -0
  636. package/packages/dd-trace/src/llmobs/plugins/langchain/handlers/chat_model.js +111 -0
  637. package/packages/dd-trace/src/llmobs/plugins/langchain/handlers/embedding.js +42 -0
  638. package/packages/dd-trace/src/llmobs/plugins/langchain/handlers/index.js +106 -0
  639. package/packages/dd-trace/src/llmobs/plugins/langchain/handlers/llm.js +32 -0
  640. package/packages/dd-trace/src/llmobs/plugins/langchain/handlers/tool.js +15 -0
  641. package/packages/dd-trace/src/llmobs/plugins/langchain/handlers/vectorstore.js +36 -0
  642. package/packages/dd-trace/src/llmobs/plugins/langchain/index.js +214 -0
  643. package/packages/dd-trace/src/llmobs/plugins/openai/constants.js +16 -0
  644. package/packages/dd-trace/src/llmobs/plugins/openai/index.js +501 -0
  645. package/packages/dd-trace/src/llmobs/plugins/openai/utils.js +126 -0
  646. package/packages/dd-trace/src/llmobs/plugins/vertexai.js +195 -0
  647. package/packages/dd-trace/src/llmobs/sdk.js +578 -0
  648. package/packages/dd-trace/src/llmobs/span_processor.js +311 -0
  649. package/packages/dd-trace/src/llmobs/storage.js +6 -0
  650. package/packages/dd-trace/src/llmobs/tagger.js +648 -0
  651. package/packages/dd-trace/src/llmobs/telemetry.js +174 -0
  652. package/packages/dd-trace/src/llmobs/util.js +182 -0
  653. package/packages/dd-trace/src/llmobs/writers/base.js +242 -0
  654. package/packages/dd-trace/src/llmobs/writers/evaluations.js +32 -0
  655. package/packages/dd-trace/src/llmobs/writers/spans.js +69 -0
  656. package/packages/dd-trace/src/llmobs/writers/util.js +54 -0
  657. package/packages/dd-trace/src/log/channels.js +78 -0
  658. package/packages/dd-trace/src/log/index.js +157 -0
  659. package/packages/dd-trace/src/log/log.js +76 -0
  660. package/packages/dd-trace/src/log/utils.js +16 -0
  661. package/packages/dd-trace/src/log/writer.js +72 -0
  662. package/packages/dd-trace/src/msgpack/chunk.js +69 -0
  663. package/packages/dd-trace/src/msgpack/encoder.js +308 -0
  664. package/packages/dd-trace/src/msgpack/index.js +6 -0
  665. package/packages/dd-trace/src/noop/dogstatsd.js +19 -0
  666. package/packages/dd-trace/src/noop/proxy.js +106 -0
  667. package/packages/dd-trace/src/noop/scope.js +19 -0
  668. package/packages/dd-trace/src/noop/span.js +50 -0
  669. package/packages/dd-trace/src/noop/span_context.js +16 -0
  670. package/packages/dd-trace/src/noop/tracer.js +47 -0
  671. package/packages/dd-trace/src/openfeature/constants/constants.js +51 -0
  672. package/packages/dd-trace/src/openfeature/flagging_provider.js +47 -0
  673. package/packages/dd-trace/src/openfeature/index.js +77 -0
  674. package/packages/dd-trace/src/openfeature/noop.js +101 -0
  675. package/packages/dd-trace/src/openfeature/remote_config.js +31 -0
  676. package/packages/dd-trace/src/openfeature/writers/base.js +174 -0
  677. package/packages/dd-trace/src/openfeature/writers/exposures.js +173 -0
  678. package/packages/dd-trace/src/openfeature/writers/util.js +38 -0
  679. package/packages/dd-trace/src/opentelemetry/context_manager.js +91 -0
  680. package/packages/dd-trace/src/opentelemetry/logs/batch_log_processor.js +100 -0
  681. package/packages/dd-trace/src/opentelemetry/logs/index.js +87 -0
  682. package/packages/dd-trace/src/opentelemetry/logs/logger.js +83 -0
  683. package/packages/dd-trace/src/opentelemetry/logs/logger_provider.js +126 -0
  684. package/packages/dd-trace/src/opentelemetry/logs/otlp_http_log_exporter.js +55 -0
  685. package/packages/dd-trace/src/opentelemetry/logs/otlp_transformer.js +245 -0
  686. package/packages/dd-trace/src/opentelemetry/metrics/constants.js +34 -0
  687. package/packages/dd-trace/src/opentelemetry/metrics/index.js +81 -0
  688. package/packages/dd-trace/src/opentelemetry/metrics/instruments.js +225 -0
  689. package/packages/dd-trace/src/opentelemetry/metrics/meter.js +171 -0
  690. package/packages/dd-trace/src/opentelemetry/metrics/meter_provider.js +54 -0
  691. package/packages/dd-trace/src/opentelemetry/metrics/otlp_http_metric_exporter.js +62 -0
  692. package/packages/dd-trace/src/opentelemetry/metrics/otlp_transformer.js +251 -0
  693. package/packages/dd-trace/src/opentelemetry/metrics/periodic_metric_reader.js +557 -0
  694. package/packages/dd-trace/src/opentelemetry/otlp/common.proto +116 -0
  695. package/packages/dd-trace/src/opentelemetry/otlp/logs.proto +226 -0
  696. package/packages/dd-trace/src/opentelemetry/otlp/logs_service.proto +78 -0
  697. package/packages/dd-trace/src/opentelemetry/otlp/metrics.proto +720 -0
  698. package/packages/dd-trace/src/opentelemetry/otlp/metrics_service.proto +78 -0
  699. package/packages/dd-trace/src/opentelemetry/otlp/otlp_http_exporter_base.js +168 -0
  700. package/packages/dd-trace/src/opentelemetry/otlp/otlp_transformer_base.js +181 -0
  701. package/packages/dd-trace/src/opentelemetry/otlp/protobuf_loader.js +66 -0
  702. package/packages/dd-trace/src/opentelemetry/otlp/resource.proto +45 -0
  703. package/packages/dd-trace/src/opentelemetry/sampler.js +18 -0
  704. package/packages/dd-trace/src/opentelemetry/span.js +317 -0
  705. package/packages/dd-trace/src/opentelemetry/span_context.js +44 -0
  706. package/packages/dd-trace/src/opentelemetry/span_processor.js +50 -0
  707. package/packages/dd-trace/src/opentelemetry/tracer.js +226 -0
  708. package/packages/dd-trace/src/opentelemetry/tracer_provider.js +80 -0
  709. package/packages/dd-trace/src/opentracing/propagation/binary.js +11 -0
  710. package/packages/dd-trace/src/opentracing/propagation/http.js +7 -0
  711. package/packages/dd-trace/src/opentracing/propagation/log.js +54 -0
  712. package/packages/dd-trace/src/opentracing/propagation/text_map.js +818 -0
  713. package/packages/dd-trace/src/opentracing/propagation/text_map_dsm.js +47 -0
  714. package/packages/dd-trace/src/opentracing/propagation/tracestate.js +103 -0
  715. package/packages/dd-trace/src/opentracing/span.js +412 -0
  716. package/packages/dd-trace/src/opentracing/span_context.js +75 -0
  717. package/packages/dd-trace/src/opentracing/tracer.js +145 -0
  718. package/packages/dd-trace/src/payload-tagging/config/aws.json +106 -0
  719. package/packages/dd-trace/src/payload-tagging/config/index.js +44 -0
  720. package/packages/dd-trace/src/payload-tagging/index.js +110 -0
  721. package/packages/dd-trace/src/payload-tagging/tagging.js +94 -0
  722. package/packages/dd-trace/src/pkg.js +44 -0
  723. package/packages/dd-trace/src/plugin_manager.js +219 -0
  724. package/packages/dd-trace/src/plugins/apollo.js +59 -0
  725. package/packages/dd-trace/src/plugins/cache.js +16 -0
  726. package/packages/dd-trace/src/plugins/ci_plugin.js +786 -0
  727. package/packages/dd-trace/src/plugins/client.js +11 -0
  728. package/packages/dd-trace/src/plugins/composite.js +29 -0
  729. package/packages/dd-trace/src/plugins/consumer.js +21 -0
  730. package/packages/dd-trace/src/plugins/database.js +123 -0
  731. package/packages/dd-trace/src/plugins/inbound.js +11 -0
  732. package/packages/dd-trace/src/plugins/index.js +117 -0
  733. package/packages/dd-trace/src/plugins/log_plugin.js +54 -0
  734. package/packages/dd-trace/src/plugins/outbound.js +159 -0
  735. package/packages/dd-trace/src/plugins/plugin.js +195 -0
  736. package/packages/dd-trace/src/plugins/producer.js +27 -0
  737. package/packages/dd-trace/src/plugins/schema.js +35 -0
  738. package/packages/dd-trace/src/plugins/server.js +11 -0
  739. package/packages/dd-trace/src/plugins/storage.js +23 -0
  740. package/packages/dd-trace/src/plugins/structured_log_plugin.js +9 -0
  741. package/packages/dd-trace/src/plugins/tracing.js +222 -0
  742. package/packages/dd-trace/src/plugins/util/ci.js +843 -0
  743. package/packages/dd-trace/src/plugins/util/env.js +31 -0
  744. package/packages/dd-trace/src/plugins/util/git-cache.js +129 -0
  745. package/packages/dd-trace/src/plugins/util/git.js +613 -0
  746. package/packages/dd-trace/src/plugins/util/inferred_proxy.js +157 -0
  747. package/packages/dd-trace/src/plugins/util/ip_extractor.js +139 -0
  748. package/packages/dd-trace/src/plugins/util/llm.js +54 -0
  749. package/packages/dd-trace/src/plugins/util/stacktrace.js +244 -0
  750. package/packages/dd-trace/src/plugins/util/tags.js +81 -0
  751. package/packages/dd-trace/src/plugins/util/test.js +1202 -0
  752. package/packages/dd-trace/src/plugins/util/url.js +146 -0
  753. package/packages/dd-trace/src/plugins/util/urlfilter.js +32 -0
  754. package/packages/dd-trace/src/plugins/util/user-provided-git.js +91 -0
  755. package/packages/dd-trace/src/plugins/util/web.js +631 -0
  756. package/packages/dd-trace/src/priority_sampler.js +374 -0
  757. package/packages/dd-trace/src/process-tags/index.js +83 -0
  758. package/packages/dd-trace/src/profiler.js +17 -0
  759. package/packages/dd-trace/src/profiling/config.js +473 -0
  760. package/packages/dd-trace/src/profiling/constants.js +15 -0
  761. package/packages/dd-trace/src/profiling/exporter_cli.js +74 -0
  762. package/packages/dd-trace/src/profiling/exporters/agent.js +199 -0
  763. package/packages/dd-trace/src/profiling/exporters/event_serializer.js +91 -0
  764. package/packages/dd-trace/src/profiling/exporters/file.js +35 -0
  765. package/packages/dd-trace/src/profiling/index.js +20 -0
  766. package/packages/dd-trace/src/profiling/libuv-size.js +49 -0
  767. package/packages/dd-trace/src/profiling/loggers/console.js +41 -0
  768. package/packages/dd-trace/src/profiling/profiler.js +430 -0
  769. package/packages/dd-trace/src/profiling/profilers/event_plugins/dns.js +11 -0
  770. package/packages/dd-trace/src/profiling/profilers/event_plugins/dns_lookup.js +16 -0
  771. package/packages/dd-trace/src/profiling/profilers/event_plugins/dns_lookupservice.js +16 -0
  772. package/packages/dd-trace/src/profiling/profilers/event_plugins/dns_resolve.js +24 -0
  773. package/packages/dd-trace/src/profiling/profilers/event_plugins/dns_reverse.js +16 -0
  774. package/packages/dd-trace/src/profiling/profilers/event_plugins/event.js +66 -0
  775. package/packages/dd-trace/src/profiling/profilers/event_plugins/fs.js +45 -0
  776. package/packages/dd-trace/src/profiling/profilers/event_plugins/net.js +20 -0
  777. package/packages/dd-trace/src/profiling/profilers/events.js +466 -0
  778. package/packages/dd-trace/src/profiling/profilers/poisson.js +105 -0
  779. package/packages/dd-trace/src/profiling/profilers/shared.js +55 -0
  780. package/packages/dd-trace/src/profiling/profilers/space.js +77 -0
  781. package/packages/dd-trace/src/profiling/profilers/wall.js +434 -0
  782. package/packages/dd-trace/src/profiling/ssi-heuristics.js +84 -0
  783. package/packages/dd-trace/src/profiling/tagger.js +40 -0
  784. package/packages/dd-trace/src/profiling/webspan-utils.js +25 -0
  785. package/packages/dd-trace/src/propagation-hash/index.js +145 -0
  786. package/packages/dd-trace/src/proxy.js +351 -0
  787. package/packages/dd-trace/src/random_sampler.js +40 -0
  788. package/packages/dd-trace/src/rate_limiter.js +82 -0
  789. package/packages/dd-trace/src/remote_config/apply_states.js +7 -0
  790. package/packages/dd-trace/src/remote_config/capabilities.js +47 -0
  791. package/packages/dd-trace/src/remote_config/index.js +574 -0
  792. package/packages/dd-trace/src/remote_config/scheduler.js +30 -0
  793. package/packages/dd-trace/src/require-package-json.js +33 -0
  794. package/packages/dd-trace/src/ritm.js +211 -0
  795. package/packages/dd-trace/src/runtime_metrics/index.js +34 -0
  796. package/packages/dd-trace/src/runtime_metrics/runtime_metrics.js +373 -0
  797. package/packages/dd-trace/src/sampler.js +63 -0
  798. package/packages/dd-trace/src/sampling_rule.js +267 -0
  799. package/packages/dd-trace/src/scope.js +63 -0
  800. package/packages/dd-trace/src/serverless.js +52 -0
  801. package/packages/dd-trace/src/service-naming/extra-services.js +24 -0
  802. package/packages/dd-trace/src/service-naming/index.js +75 -0
  803. package/packages/dd-trace/src/service-naming/schemas/definition.js +19 -0
  804. package/packages/dd-trace/src/service-naming/schemas/util.js +25 -0
  805. package/packages/dd-trace/src/service-naming/schemas/v0/graphql.js +14 -0
  806. package/packages/dd-trace/src/service-naming/schemas/v0/index.js +11 -0
  807. package/packages/dd-trace/src/service-naming/schemas/v0/messaging.js +102 -0
  808. package/packages/dd-trace/src/service-naming/schemas/v0/serverless.js +18 -0
  809. package/packages/dd-trace/src/service-naming/schemas/v0/storage.js +118 -0
  810. package/packages/dd-trace/src/service-naming/schemas/v0/web.js +92 -0
  811. package/packages/dd-trace/src/service-naming/schemas/v0/websocket.js +30 -0
  812. package/packages/dd-trace/src/service-naming/schemas/v1/graphql.js +14 -0
  813. package/packages/dd-trace/src/service-naming/schemas/v1/index.js +11 -0
  814. package/packages/dd-trace/src/service-naming/schemas/v1/messaging.js +90 -0
  815. package/packages/dd-trace/src/service-naming/schemas/v1/serverless.js +18 -0
  816. package/packages/dd-trace/src/service-naming/schemas/v1/storage.js +86 -0
  817. package/packages/dd-trace/src/service-naming/schemas/v1/web.js +92 -0
  818. package/packages/dd-trace/src/service-naming/schemas/v1/websocket.js +30 -0
  819. package/packages/dd-trace/src/span_format.js +264 -0
  820. package/packages/dd-trace/src/span_processor.js +171 -0
  821. package/packages/dd-trace/src/span_sampler.js +58 -0
  822. package/packages/dd-trace/src/span_stats.js +227 -0
  823. package/packages/dd-trace/src/spanleak.js +97 -0
  824. package/packages/dd-trace/src/standalone/index.js +70 -0
  825. package/packages/dd-trace/src/standalone/product.js +36 -0
  826. package/packages/dd-trace/src/standalone/tracesource.js +36 -0
  827. package/packages/dd-trace/src/standalone/tracesource_priority_sampler.js +59 -0
  828. package/packages/dd-trace/src/startup-log.js +146 -0
  829. package/packages/dd-trace/src/tagger.js +58 -0
  830. package/packages/dd-trace/src/telemetry/dependencies.js +174 -0
  831. package/packages/dd-trace/src/telemetry/endpoints.js +212 -0
  832. package/packages/dd-trace/src/telemetry/index.js +26 -0
  833. package/packages/dd-trace/src/telemetry/logs/index.js +90 -0
  834. package/packages/dd-trace/src/telemetry/logs/log-collector.js +128 -0
  835. package/packages/dd-trace/src/telemetry/metrics.js +288 -0
  836. package/packages/dd-trace/src/telemetry/send-data.js +225 -0
  837. package/packages/dd-trace/src/telemetry/telemetry.js +535 -0
  838. package/packages/dd-trace/src/tracer.js +171 -0
  839. package/packages/dd-trace/src/tracer_metadata.js +29 -0
  840. package/packages/dd-trace/src/util.js +94 -0
  841. package/register.js +8 -0
  842. package/scripts/preinstall.js +34 -0
  843. package/vendor/dist/@datadog/sketches-js/LICENSE +39 -0
  844. package/vendor/dist/@datadog/sketches-js/index.js +1 -0
  845. package/vendor/dist/@datadog/source-map/LICENSE +28 -0
  846. package/vendor/dist/@datadog/source-map/index.js +1 -0
  847. package/vendor/dist/@isaacs/ttlcache/LICENSE +55 -0
  848. package/vendor/dist/@isaacs/ttlcache/index.js +1 -0
  849. package/vendor/dist/@opentelemetry/core/LICENSE +201 -0
  850. package/vendor/dist/@opentelemetry/core/index.js +1 -0
  851. package/vendor/dist/@opentelemetry/resources/LICENSE +201 -0
  852. package/vendor/dist/@opentelemetry/resources/index.js +1 -0
  853. package/vendor/dist/astring/LICENSE +19 -0
  854. package/vendor/dist/astring/index.js +1 -0
  855. package/vendor/dist/crypto-randomuuid/index.js +1 -0
  856. package/vendor/dist/escape-string-regexp/LICENSE +9 -0
  857. package/vendor/dist/escape-string-regexp/index.js +1 -0
  858. package/vendor/dist/esquery/LICENSE +24 -0
  859. package/vendor/dist/esquery/index.js +1 -0
  860. package/vendor/dist/ignore/LICENSE +21 -0
  861. package/vendor/dist/ignore/index.js +1 -0
  862. package/vendor/dist/istanbul-lib-coverage/LICENSE +24 -0
  863. package/vendor/dist/istanbul-lib-coverage/index.js +1 -0
  864. package/vendor/dist/jest-docblock/LICENSE +21 -0
  865. package/vendor/dist/jest-docblock/index.js +1 -0
  866. package/vendor/dist/jsonpath-plus/LICENSE +22 -0
  867. package/vendor/dist/jsonpath-plus/index.js +1 -0
  868. package/vendor/dist/limiter/LICENSE +19 -0
  869. package/vendor/dist/limiter/index.js +1 -0
  870. package/vendor/dist/lodash.sortby/LICENSE +47 -0
  871. package/vendor/dist/lodash.sortby/index.js +1 -0
  872. package/vendor/dist/lru-cache/LICENSE +15 -0
  873. package/vendor/dist/lru-cache/index.js +1 -0
  874. package/vendor/dist/meriyah/LICENSE +7 -0
  875. package/vendor/dist/meriyah/index.js +1 -0
  876. package/vendor/dist/module-details-from-path/LICENSE +21 -0
  877. package/vendor/dist/module-details-from-path/index.js +1 -0
  878. package/vendor/dist/mutexify/promise/LICENSE +21 -0
  879. package/vendor/dist/mutexify/promise/index.js +1 -0
  880. package/vendor/dist/opentracing/LICENSE +201 -0
  881. package/vendor/dist/opentracing/binary_carrier.d.ts +11 -0
  882. package/vendor/dist/opentracing/constants.d.ts +61 -0
  883. package/vendor/dist/opentracing/examples/demo/demo.d.ts +2 -0
  884. package/vendor/dist/opentracing/ext/tags.d.ts +90 -0
  885. package/vendor/dist/opentracing/functions.d.ts +20 -0
  886. package/vendor/dist/opentracing/global_tracer.d.ts +14 -0
  887. package/vendor/dist/opentracing/index.d.ts +12 -0
  888. package/vendor/dist/opentracing/index.js +1 -0
  889. package/vendor/dist/opentracing/mock_tracer/index.d.ts +5 -0
  890. package/vendor/dist/opentracing/mock_tracer/mock_context.d.ts +13 -0
  891. package/vendor/dist/opentracing/mock_tracer/mock_report.d.ts +16 -0
  892. package/vendor/dist/opentracing/mock_tracer/mock_span.d.ts +50 -0
  893. package/vendor/dist/opentracing/mock_tracer/mock_tracer.d.ts +26 -0
  894. package/vendor/dist/opentracing/noop.d.ts +8 -0
  895. package/vendor/dist/opentracing/reference.d.ts +33 -0
  896. package/vendor/dist/opentracing/span.d.ts +147 -0
  897. package/vendor/dist/opentracing/span_context.d.ts +26 -0
  898. package/vendor/dist/opentracing/test/api_compatibility.d.ts +16 -0
  899. package/vendor/dist/opentracing/test/mocktracer_implemenation.d.ts +3 -0
  900. package/vendor/dist/opentracing/test/noop_implementation.d.ts +4 -0
  901. package/vendor/dist/opentracing/test/opentracing_api.d.ts +3 -0
  902. package/vendor/dist/opentracing/test/unittest.d.ts +2 -0
  903. package/vendor/dist/opentracing/tracer.d.ts +127 -0
  904. package/vendor/dist/path-to-regexp/LICENSE +21 -0
  905. package/vendor/dist/path-to-regexp/index.js +1 -0
  906. package/vendor/dist/pprof-format/LICENSE +8 -0
  907. package/vendor/dist/pprof-format/index.js +1 -0
  908. package/vendor/dist/protobufjs/LICENSE +39 -0
  909. package/vendor/dist/protobufjs/index.js +1 -0
  910. package/vendor/dist/protobufjs/minimal/LICENSE +39 -0
  911. package/vendor/dist/protobufjs/minimal/index.js +1 -0
  912. package/vendor/dist/retry/LICENSE +21 -0
  913. package/vendor/dist/retry/index.js +1 -0
  914. package/vendor/dist/rfdc/LICENSE +15 -0
  915. package/vendor/dist/rfdc/index.js +1 -0
  916. package/vendor/dist/semifies/LICENSE +201 -0
  917. package/vendor/dist/semifies/index.js +1 -0
  918. package/vendor/dist/shell-quote/LICENSE +24 -0
  919. package/vendor/dist/shell-quote/index.js +1 -0
  920. package/vendor/dist/source-map/LICENSE +28 -0
  921. package/vendor/dist/source-map/index.js +1 -0
  922. package/vendor/dist/source-map/lib/util/LICENSE +28 -0
  923. package/vendor/dist/source-map/lib/util/index.js +1 -0
  924. package/vendor/dist/source-map/mappings.wasm +0 -0
  925. package/vendor/dist/tlhunter-sorted-set/LICENSE +21 -0
  926. package/vendor/dist/tlhunter-sorted-set/index.js +1 -0
  927. package/vendor/dist/ttl-set/LICENSE +21 -0
  928. package/vendor/dist/ttl-set/index.js +1 -0
  929. package/version.js +18 -0
package/packages/dd-trace/src/appsec/index.js ADDED
@@ -0,0 +1,560 @@
1
+ 'use strict'
2
+
3
+ const log = require('../log')
4
+ const web = require('../plugins/util/web')
5
+ const { extractIp } = require('../plugins/util/ip_extractor')
6
+ const { HTTP_CLIENT_IP } = require('../../../../ext/tags')
7
+ const { storage } = require('../../../datadog-core')
8
+ const { IS_SERVERLESS } = require('../serverless')
9
+ const RuleManager = require('./rule_manager')
10
+ const appsecRemoteConfig = require('./remote_config')
11
+ const {
12
+ bodyParser,
13
+ cookieParser,
14
+ multerParser,
15
+ fastifyBodyParser,
16
+ fastifyCookieParser,
17
+ incomingHttpRequestStart,
18
+ incomingHttpRequestEnd,
19
+ passportVerify,
20
+ passportUser,
21
+ expressSession,
22
+ queryParser,
23
+ nextBodyParsed,
24
+ nextQueryParsed,
25
+ expressProcessParams,
26
+ fastifyQueryParams,
27
+ responseBody,
28
+ responseWriteHead,
29
+ responseSetHeader,
30
+ routerParam,
31
+ fastifyResponseChannel,
32
+ fastifyPathParams,
33
+ stripeCheckoutSessionCreate,
34
+ stripePaymentIntentCreate,
35
+ stripeConstructEvent,
36
+ } = require('./channels')
37
+ const waf = require('./waf')
38
+ const addresses = require('./addresses')
39
+ const Reporter = require('./reporter')
40
+ const appsecTelemetry = require('./telemetry')
41
+ const apiSecuritySampler = require('./api_security_sampler')
42
+ const { isBlocked, block, callBlockDelegation, setTemplates, getBlockingAction } = require('./blocking')
43
+ const UserTracking = require('./user_tracking')
44
+ const graphql = require('./graphql')
45
+ const rasp = require('./rasp')
46
+
47
+ const responseAnalyzedSet = new WeakSet()
48
+ const storedResponseHeaders = new WeakMap()
49
+ const storedBodies = new WeakMap()
50
+
51
+ let isEnabled = false
52
+ let config
53
+
54
+ function enable (_config) {
55
+ if (isEnabled) return
56
+
57
+ try {
58
+ appsecTelemetry.enable(_config)
59
+ graphql.enable()
60
+
61
+ if (_config.appsec.rasp.enabled) {
62
+ rasp.enable(_config)
63
+ }
64
+
65
+ setTemplates(_config)
66
+
67
+ RuleManager.loadRules(_config.appsec)
68
+
69
+ appsecRemoteConfig.enableWafUpdate(_config.appsec)
70
+
71
+ Reporter.init(_config.appsec, _config.inferredProxyServicesEnabled)
72
+
73
+ apiSecuritySampler.configure(_config)
74
+
75
+ UserTracking.setCollectionMode(_config.appsec.eventTracking.mode, false)
76
+
77
+ bodyParser.subscribe(onRequestBodyParsed)
78
+ multerParser.subscribe(onRequestBodyParsed)
79
+ cookieParser.subscribe(onRequestCookieParser)
80
+ incomingHttpRequestStart.subscribe(incomingHttpStartTranslator)
81
+ incomingHttpRequestEnd.subscribe(incomingHttpEndTranslator)
82
+ passportVerify.subscribe(onPassportVerify) // possible optimization: only subscribe if collection mode is enabled
83
+ passportUser.subscribe(onPassportDeserializeUser)
84
+ expressSession.subscribe(onExpressSession)
85
+ queryParser.subscribe(onRequestQueryParsed)
86
+ nextBodyParsed.subscribe(onRequestBodyParsed)
87
+ nextQueryParsed.subscribe(onRequestQueryParsed)
88
+ expressProcessParams.subscribe(onRequestProcessParams)
89
+ fastifyBodyParser.subscribe(onRequestBodyParsed)
90
+ fastifyQueryParams.subscribe(onRequestQueryParsed)
91
+ fastifyCookieParser.subscribe(onRequestCookieParser)
92
+ fastifyPathParams.subscribe(onRequestProcessParams)
93
+ routerParam.subscribe(onRequestProcessParams)
94
+ responseBody.subscribe(onResponseBody)
95
+ fastifyResponseChannel.subscribe(onResponseBody)
96
+ responseWriteHead.subscribe(onResponseWriteHead)
97
+ responseSetHeader.subscribe(onResponseSetHeader)
98
+ stripeCheckoutSessionCreate.subscribe(onStripeCheckoutSessionCreate)
99
+ stripePaymentIntentCreate.subscribe(onStripePaymentIntentCreate)
100
+ stripeConstructEvent.subscribe(onStripeConstructEvent)
101
+
102
+ isEnabled = true
103
+ config = _config
104
+ } catch (err) {
105
+ if (!IS_SERVERLESS) {
106
+ log.error('[ASM] Unable to start AppSec', err)
107
+ }
108
+
109
+ disable()
110
+ }
111
+ }
112
+
113
+ const analyzedBodies = new WeakSet()
114
+
115
+ function onRequestBodyParsed ({ req, res, body, abortController }) {
116
+ if (body === undefined || body === null) return
117
+
118
+ if (!req) {
119
+ const store = storage('legacy').getStore()
120
+ req = store?.req
121
+ }
122
+
123
+ const rootSpan = web.root(req)
124
+ if (!rootSpan) return
125
+
126
+ if (!req.body) {
127
+ // do not store body if it is in req.body
128
+ storedBodies.set(req, body)
129
+ }
130
+
131
+ if (typeof body === 'object') {
132
+ if (isEmptyObject(body)) return
133
+ analyzedBodies.add(body)
134
+ }
135
+
136
+ const results = waf.run({
137
+ persistent: {
138
+ [addresses.HTTP_INCOMING_BODY]: body,
139
+ },
140
+ }, req)
141
+
142
+ handleResults(results?.actions, req, res, rootSpan, abortController)
143
+ }
144
+
145
+ const analyzedCookies = new WeakSet()
146
+
147
+ function onRequestCookieParser ({ req, res, abortController, cookies }) {
148
+ if (!cookies || typeof cookies !== 'object') return
149
+
150
+ const rootSpan = web.root(req)
151
+ if (!rootSpan) return
152
+
153
+ if (isEmptyObject(cookies)) return
154
+ analyzedCookies.add(cookies)
155
+
156
+ const results = waf.run({
157
+ persistent: {
158
+ [addresses.HTTP_INCOMING_COOKIES]: cookies,
159
+ },
160
+ }, req)
161
+
162
+ handleResults(results?.actions, req, res, rootSpan, abortController)
163
+ }
164
+
165
+ function incomingHttpStartTranslator ({ req, res, abortController }) {
166
+ const rootSpan = web.root(req)
167
+ if (!rootSpan) return
168
+
169
+ const clientIp = extractIp(config, req)
170
+
171
+ rootSpan.addTags({
172
+ '_dd.appsec.enabled': 1,
173
+ '_dd.runtime_family': 'nodejs',
174
+ [HTTP_CLIENT_IP]: clientIp,
175
+ })
176
+
177
+ if (config.inferredProxyServicesEnabled) {
178
+ const context = web.getContext(req)
179
+ if (context?.inferredProxySpan) {
180
+ context.inferredProxySpan.setTag('_dd.appsec.enabled', 1)
181
+ }
182
+ }
183
+
184
+ const requestHeaders = { ...req.headers }
185
+ delete requestHeaders.cookie
186
+
187
+ const persistent = {
188
+ [addresses.HTTP_INCOMING_URL]: req.url,
189
+ [addresses.HTTP_INCOMING_HEADERS]: requestHeaders,
190
+ [addresses.HTTP_INCOMING_METHOD]: req.method,
191
+ }
192
+
193
+ if (clientIp) {
194
+ persistent[addresses.HTTP_CLIENT_IP] = clientIp
195
+ }
196
+
197
+ const results = waf.run({ persistent }, req)
198
+
199
+ handleResults(results?.actions, req, res, rootSpan, abortController)
200
+ }
201
+
202
+ function incomingHttpEndTranslator ({ req, res }) {
203
+ const persistent = {}
204
+
205
+ // we need to keep this to support other body parsers
206
+ if (req.body !== undefined && req.body !== null) {
207
+ if (typeof req.body === 'object') {
208
+ if (!isEmptyObject(req.body) && !analyzedBodies.has(req.body)) {
209
+ persistent[addresses.HTTP_INCOMING_BODY] = req.body
210
+ }
211
+ } else {
212
+ persistent[addresses.HTTP_INCOMING_BODY] = req.body
213
+ }
214
+ }
215
+
216
+ // we need to keep this to support other cookie parsers
217
+ if (
218
+ req.cookies !== null &&
219
+ typeof req.cookies === 'object' &&
220
+ !isEmptyObject(req.cookies) &&
221
+ !analyzedCookies.has(req.cookies)
222
+ ) {
223
+ persistent[addresses.HTTP_INCOMING_COOKIES] = req.cookies
224
+ }
225
+
226
+ // we need to keep this to support nextjs
227
+ const query = req.query
228
+ if (
229
+ query !== null &&
230
+ typeof query === 'object' &&
231
+ !isEmptyObject(query)
232
+ ) {
233
+ persistent[addresses.HTTP_INCOMING_QUERY] = query
234
+ }
235
+
236
+ // This hook runs before span finish, so ensure route/endpoint tags are available before API Security sampling runs.
237
+ web.setRouteOrEndpointTag(req)
238
+
239
+ if (apiSecuritySampler.sampleRequest(req, res, true)) {
240
+ persistent[addresses.WAF_CONTEXT_PROCESSOR] = { 'extract-schema': true }
241
+ }
242
+
243
+ if (!isEmptyObject(persistent)) {
244
+ waf.run({ persistent }, req)
245
+ }
246
+
247
+ waf.disposeContext(req)
248
+
249
+ const storedHeaders = storedResponseHeaders.get(req) || {}
250
+
251
+ const body = req.body || storedBodies.get(req)
252
+ Reporter.finishRequest(req, res, storedHeaders, body)
253
+
254
+ if (storedHeaders) {
255
+ storedResponseHeaders.delete(req)
256
+ }
257
+ storedBodies.delete(req)
258
+ }
259
+
260
+ function onPassportVerify ({ framework, login, user, success, abortController }) {
261
+ const store = storage('legacy').getStore()
262
+ const rootSpan = store?.req && web.root(store.req)
263
+
264
+ if (!rootSpan) {
265
+ log.warn('[ASM] No rootSpan found in onPassportVerify')
266
+ return
267
+ }
268
+
269
+ const results = UserTracking.trackLogin(framework, login, user, success, rootSpan)
270
+
271
+ handleResults(results?.actions, store.req, store.req.res, rootSpan, abortController)
272
+ }
273
+
274
+ function onPassportDeserializeUser ({ user, abortController }) {
275
+ const store = storage('legacy').getStore()
276
+ const rootSpan = store?.req && web.root(store.req)
277
+
278
+ if (!rootSpan) {
279
+ log.warn('[ASM] No rootSpan found in onPassportDeserializeUser')
280
+ return
281
+ }
282
+
283
+ const results = UserTracking.trackUser(user, rootSpan)
284
+
285
+ handleResults(results?.actions, store.req, store.req.res, rootSpan, abortController)
286
+ }
287
+
288
+ function onExpressSession ({ req, res, sessionId, abortController }) {
289
+ const rootSpan = web.root(req)
290
+ if (!rootSpan) {
291
+ log.warn('[ASM] No rootSpan found in onExpressSession')
292
+ return
293
+ }
294
+
295
+ const isSdkCalled = rootSpan.context()._tags['usr.session_id']
296
+ if (isSdkCalled) return
297
+
298
+ const results = waf.run({
299
+ persistent: {
300
+ [addresses.USER_SESSION_ID]: sessionId,
301
+ },
302
+ }, req)
303
+
304
+ handleResults(results?.actions, req, res, rootSpan, abortController)
305
+ }
306
+
307
+ function onRequestQueryParsed ({ req, res, query, abortController }) {
308
+ if (!query || typeof query !== 'object') return
309
+
310
+ if (!req) {
311
+ const store = storage('legacy').getStore()
312
+ req = store?.req
313
+ }
314
+
315
+ const rootSpan = web.root(req)
316
+ if (!rootSpan) return
317
+
318
+ if (isEmptyObject(query)) return
319
+
320
+ const results = waf.run({
321
+ persistent: {
322
+ [addresses.HTTP_INCOMING_QUERY]: query,
323
+ },
324
+ }, req)
325
+
326
+ handleResults(results?.actions, req, res, rootSpan, abortController)
327
+ }
328
+
329
+ function onRequestProcessParams ({ req, res, abortController, params }) {
330
+ const rootSpan = web.root(req)
331
+ if (!rootSpan) return
332
+
333
+ if (!params || typeof params !== 'object' || isEmptyObject(params)) return
334
+
335
+ const results = waf.run({
336
+ persistent: {
337
+ [addresses.HTTP_INCOMING_PARAMS]: params,
338
+ },
339
+ }, req)
340
+
341
+ handleResults(results?.actions, req, res, rootSpan, abortController)
342
+ }
343
+
344
+ function onResponseBody ({ req, res, body }) {
345
+ if (!body || typeof body !== 'object') return
346
+ if (!apiSecuritySampler.sampleRequest(req, res)) return
347
+
348
+ // we don't support blocking at this point, so no results needed
349
+ waf.run({
350
+ persistent: {
351
+ [addresses.HTTP_INCOMING_RESPONSE_BODY]: body,
352
+ },
353
+ }, req)
354
+ }
355
+
356
+ function onResponseWriteHead ({ req, res, abortController, statusCode, responseHeaders }) {
357
+ if (!isEmptyObject(responseHeaders)) {
358
+ storedResponseHeaders.set(req, responseHeaders)
359
+ }
360
+
361
+ // TODO: do not call waf if inside block()
362
+ // if (isBlocking()) {
363
+ // return
364
+ // }
365
+
366
+ // avoid "write after end" error
367
+ if (isBlocked(res) || callBlockDelegation(res)) {
368
+ abortController?.abort()
369
+ return
370
+ }
371
+
372
+ // avoid double waf call
373
+ if (responseAnalyzedSet.has(res)) {
374
+ return
375
+ }
376
+
377
+ const rootSpan = web.root(req)
378
+ if (!rootSpan) return
379
+
380
+ responseHeaders = { ...responseHeaders }
381
+ delete responseHeaders['set-cookie']
382
+
383
+ const results = waf.run({
384
+ persistent: {
385
+ [addresses.HTTP_INCOMING_RESPONSE_CODE]: String(statusCode),
386
+ [addresses.HTTP_INCOMING_RESPONSE_HEADERS]: responseHeaders,
387
+ },
388
+ }, req)
389
+
390
+ responseAnalyzedSet.add(res)
391
+
392
+ handleResults(results?.actions, req, res, rootSpan, abortController)
393
+ }
394
+
395
+ function onResponseSetHeader ({ res, abortController }) {
396
+ if (isBlocked(res)) {
397
+ abortController?.abort()
398
+ }
399
+ }
400
+
401
+ function onStripeCheckoutSessionCreate (payload) {
402
+ if (payload?.mode !== 'payment') return
403
+
404
+ waf.run({
405
+ persistent: {
406
+ [addresses.PAYMENT_CREATION]: {
407
+ integration: 'stripe',
408
+ id: payload.id,
409
+ amount_total: payload.amount_total,
410
+ client_reference_id: payload.client_reference_id,
411
+ currency: payload.currency,
412
+ 'discounts.coupon': payload.discounts?.[0]?.coupon,
413
+ 'discounts.promotion_code': payload.discounts?.[0]?.promotion_code,
414
+ livemode: payload.livemode,
415
+ 'total_details.amount_discount': payload.total_details?.amount_discount,
416
+ 'total_details.amount_shipping': payload.total_details?.amount_shipping,
417
+ },
418
+ },
419
+ })
420
+ }
421
+
422
+ function onStripePaymentIntentCreate (payload) {
423
+ if (payload === null || typeof payload !== 'object') return
424
+
425
+ waf.run({
426
+ persistent: {
427
+ [addresses.PAYMENT_CREATION]: {
428
+ integration: 'stripe',
429
+ id: payload.id,
430
+ amount: payload.amount,
431
+ currency: payload.currency,
432
+ livemode: payload.livemode,
433
+ payment_method: payload.payment_method,
434
+ },
435
+ },
436
+ })
437
+ }
438
+
439
+ function onStripeConstructEvent (payload) {
440
+ const object = payload?.data?.object
441
+ if (object === null || typeof object !== 'object') return
442
+
443
+ let persistent
444
+
445
+ switch (payload.type) {
446
+ case 'payment_intent.succeeded':
447
+ persistent = {
448
+ [addresses.PAYMENT_SUCCESS]: {
449
+ integration: 'stripe',
450
+ id: object.id,
451
+ amount: object.amount,
452
+ currency: object.currency,
453
+ livemode: object.livemode,
454
+ payment_method: object.payment_method,
455
+ },
456
+ }
457
+ break
458
+
459
+ case 'payment_intent.payment_failed':
460
+ persistent = {
461
+ [addresses.PAYMENT_FAILURE]: {
462
+ integration: 'stripe',
463
+ id: object.id,
464
+ amount: object.amount,
465
+ currency: object.currency,
466
+ 'last_payment_error.code': object.last_payment_error?.code,
467
+ 'last_payment_error.decline_code': object.last_payment_error?.decline_code,
468
+ 'last_payment_error.payment_method.id': object.last_payment_error?.payment_method?.id,
469
+ 'last_payment_error.payment_method.type': object.last_payment_error?.payment_method?.type,
470
+ livemode: object.livemode,
471
+ },
472
+ }
473
+ break
474
+
475
+ case 'payment_intent.canceled':
476
+ persistent = {
477
+ [addresses.PAYMENT_CANCELLATION]: {
478
+ integration: 'stripe',
479
+ id: object.id,
480
+ amount: object.amount,
481
+ cancellation_reason: object.cancellation_reason,
482
+ currency: object.currency,
483
+ livemode: object.livemode,
484
+ },
485
+ }
486
+ break
487
+
488
+ default:
489
+ return
490
+ }
491
+
492
+ waf.run({ persistent })
493
+ }
494
+
495
+ function handleResults (actions, req, res, rootSpan, abortController) {
496
+ if (!actions || !req || !res || !rootSpan || !abortController) return
497
+
498
+ const blockingAction = getBlockingAction(actions)
499
+ if (blockingAction) {
500
+ block(req, res, rootSpan, abortController, blockingAction)
501
+ }
502
+ }
503
+
504
+ function disable () {
505
+ isEnabled = false
506
+ config = null
507
+
508
+ RuleManager.clearAllRules()
509
+
510
+ appsecTelemetry.disable()
511
+ graphql.disable()
512
+ rasp.disable()
513
+
514
+ appsecRemoteConfig.disableWafUpdate()
515
+
516
+ apiSecuritySampler.disable()
517
+
518
+ // Channel#unsubscribe() is undefined for non active channels
519
+ if (bodyParser.hasSubscribers) bodyParser.unsubscribe(onRequestBodyParsed)
520
+ if (multerParser.hasSubscribers) multerParser.unsubscribe(onRequestBodyParsed)
521
+ if (cookieParser.hasSubscribers) cookieParser.unsubscribe(onRequestCookieParser)
522
+ if (incomingHttpRequestStart.hasSubscribers) incomingHttpRequestStart.unsubscribe(incomingHttpStartTranslator)
523
+ if (incomingHttpRequestEnd.hasSubscribers) incomingHttpRequestEnd.unsubscribe(incomingHttpEndTranslator)
524
+ if (passportVerify.hasSubscribers) passportVerify.unsubscribe(onPassportVerify)
525
+ if (passportUser.hasSubscribers) passportUser.unsubscribe(onPassportDeserializeUser)
526
+ if (expressSession.hasSubscribers) expressSession.unsubscribe(onExpressSession)
527
+ if (queryParser.hasSubscribers) queryParser.unsubscribe(onRequestQueryParsed)
528
+ if (nextBodyParsed.hasSubscribers) nextBodyParsed.unsubscribe(onRequestBodyParsed)
529
+ if (nextQueryParsed.hasSubscribers) nextQueryParsed.unsubscribe(onRequestQueryParsed)
530
+ if (expressProcessParams.hasSubscribers) expressProcessParams.unsubscribe(onRequestProcessParams)
531
+ if (fastifyBodyParser.hasSubscribers) fastifyBodyParser.unsubscribe(onRequestBodyParsed)
532
+ if (fastifyQueryParams.hasSubscribers) fastifyQueryParams.unsubscribe(onRequestQueryParsed)
533
+ if (fastifyCookieParser.hasSubscribers) fastifyCookieParser.unsubscribe(onRequestCookieParser)
534
+ if (fastifyPathParams.hasSubscribers) fastifyPathParams.unsubscribe(onRequestProcessParams)
535
+ if (routerParam.hasSubscribers) routerParam.unsubscribe(onRequestProcessParams)
536
+ if (responseBody.hasSubscribers) responseBody.unsubscribe(onResponseBody)
537
+ if (fastifyResponseChannel.hasSubscribers) fastifyResponseChannel.unsubscribe(onResponseBody)
538
+ if (responseWriteHead.hasSubscribers) responseWriteHead.unsubscribe(onResponseWriteHead)
539
+ if (responseSetHeader.hasSubscribers) responseSetHeader.unsubscribe(onResponseSetHeader)
540
+ if (stripeCheckoutSessionCreate.hasSubscribers) stripeCheckoutSessionCreate.unsubscribe(onStripeCheckoutSessionCreate)
541
+ if (stripePaymentIntentCreate.hasSubscribers) stripePaymentIntentCreate.unsubscribe(onStripePaymentIntentCreate)
542
+ if (stripeConstructEvent.hasSubscribers) stripeConstructEvent.unsubscribe(onStripeConstructEvent)
543
+ }
544
+
545
+ // this is faster than Object.keys().length === 0
546
+ function isEmptyObject (obj) {
547
+ // eslint-disable-next-line no-unreachable-loop
548
+ for (const _ in obj) {
549
+ return false
550
+ }
551
+
552
+ return true
553
+ }
554
+
555
+ module.exports = {
556
+ enable,
557
+ disable,
558
+ incomingHttpStartTranslator,
559
+ incomingHttpEndTranslator,
560
+ }
package/packages/dd-trace/src/appsec/rasp/command_injection.js ADDED
@@ -0,0 +1,56 @@
1
+ 'use strict'
2
+
3
+ const { childProcessExecutionTracingChannel } = require('../channels')
4
+ const { storage } = require('../../../../datadog-core')
5
+ const addresses = require('../addresses')
6
+ const waf = require('../waf')
7
+ const { RULE_TYPES, handleResult } = require('./utils')
8
+
9
+ let config
10
+
11
+ function enable (_config) {
12
+ config = _config
13
+
14
+ childProcessExecutionTracingChannel.subscribe({
15
+ start: analyzeCommandInjection,
16
+ })
17
+ }
18
+
19
+ function disable () {
20
+ if (childProcessExecutionTracingChannel.start.hasSubscribers) {
21
+ childProcessExecutionTracingChannel.unsubscribe({
22
+ start: analyzeCommandInjection,
23
+ })
24
+ }
25
+ }
26
+
27
+ function analyzeCommandInjection ({ file, fileArgs, shell, abortController }) {
28
+ if (!file) return
29
+
30
+ const store = storage('legacy').getStore()
31
+ const req = store?.req
32
+ if (!req) return
33
+
34
+ const ephemeral = {}
35
+ const raspRule = { type: RULE_TYPES.COMMAND_INJECTION }
36
+ const params = fileArgs ? [file, ...fileArgs] : file
37
+
38
+ if (shell) {
39
+ ephemeral[addresses.SHELL_COMMAND] = params
40
+ raspRule.variant = 'shell'
41
+ } else {
42
+ const commandParams = Array.isArray(params) ? params : [params]
43
+ ephemeral[addresses.EXEC_COMMAND] = commandParams
44
+ raspRule.variant = 'exec'
45
+ }
46
+
47
+ const result = waf.run({ ephemeral }, req, raspRule)
48
+
49
+ const res = store?.res
50
+ handleResult(result, req, res, abortController, config, raspRule)
51
+ }
52
+
53
+ module.exports = {
54
+ enable,
55
+ disable,
56
+ }
package/packages/dd-trace/src/appsec/rasp/fs-plugin.js ADDED
@@ -0,0 +1,103 @@
1
+ 'use strict'
2
+
3
+ const Plugin = require('../../plugins/plugin')
4
+ const { storage } = require('../../../../datadog-core')
5
+ const log = require('../../log')
6
+
7
+ const RASP_MODULE = 'rasp'
8
+ const IAST_MODULE = 'iast'
9
+
10
+ const enabledFor = {
11
+ [RASP_MODULE]: false,
12
+ [IAST_MODULE]: false,
13
+ }
14
+
15
+ let fsPlugin
16
+
17
+ function getStoreToStart (fsProps, store = storage('legacy').getStore()) {
18
+ if (store && !store.fs?.opExcluded) {
19
+ return {
20
+ ...store,
21
+ fs: {
22
+ ...store.fs,
23
+ ...fsProps,
24
+ parentStore: store,
25
+ },
26
+ }
27
+ }
28
+
29
+ return store
30
+ }
31
+
32
+ class AppsecFsPlugin extends Plugin {
33
+ enable () {
34
+ this.addBind('apm:fs:operation:start', this._onFsOperationStart)
35
+ this.addBind('apm:fs:operation:finish', this._onFsOperationFinishOrRenderEnd)
36
+ this.addBind('tracing:datadog:express:response:render:start', this._onResponseRenderStart)
37
+ this.addBind('tracing:datadog:express:response:render:end', this._onFsOperationFinishOrRenderEnd)
38
+ // We might have to add the same subscribers for fastify later
39
+
40
+ super.configure(true)
41
+ }
42
+
43
+ disable () {
44
+ super.configure(false)
45
+ }
46
+
47
+ _onFsOperationStart () {
48
+ const store = storage('legacy').getStore()
49
+ if (store) {
50
+ return getStoreToStart({ root: store.fs?.root === undefined }, store)
51
+ }
52
+ }
53
+
54
+ _onResponseRenderStart () {
55
+ return getStoreToStart({ opExcluded: true })
56
+ }
57
+
58
+ _onFsOperationFinishOrRenderEnd () {
59
+ const store = storage('legacy').getStore()
60
+ if (store?.fs) {
61
+ return store.fs.parentStore
62
+ }
63
+ return store
64
+ }
65
+ }
66
+
67
+ function enable (mod) {
68
+ if (enabledFor[mod] !== false) return
69
+
70
+ enabledFor[mod] = true
71
+
72
+ if (!fsPlugin) {
73
+ fsPlugin = new AppsecFsPlugin()
74
+ fsPlugin.enable()
75
+ }
76
+
77
+ log.info('[ASM] Enabled AppsecFsPlugin for %s', mod)
78
+ }
79
+
80
+ function disable (mod) {
81
+ if (!mod || !enabledFor[mod]) return
82
+
83
+ enabledFor[mod] = false
84
+
85
+ const allDisabled = Object.values(enabledFor).every(val => val === false)
86
+ if (allDisabled) {
87
+ fsPlugin?.disable()
88
+
89
+ fsPlugin = undefined
90
+ }
91
+
92
+ log.info('[ASM] Disabled AppsecFsPlugin for %s', mod)
93
+ }
94
+
95
+ module.exports = {
96
+ enable,
97
+ disable,
98
+
99
+ AppsecFsPlugin,
100
+
101
+ RASP_MODULE,
102
+ IAST_MODULE,
103
+ }